Hackers Exploit Microsoft Exchange Vulnerabilities To Drop Babuk Ransomware

6 November 2021

The Cisco security researchers informed recently that another threat actors organization is targeting the Microsoft Exchange Server vulnerabilities to disseminate the ransomware “Babuk”, and to do so, they have not reinforced the ProxyShell vulnerability. The ProxyShell is a general term for 3 Exchange Server vulnerabilities that have:- CVE-2021-34473 CVE-2021-34523 CVE-2021-31207 However, all these 3 exchange servers belong to the following vulnerabilities that were already patched by Microsoft in April and in May this year:- Remote program attack vulnerability Permission expansion vulnerabilities Security function bypass vulnerabilities Initiates with Microsoft Exchange The Babuk ransomware attack initiates with a DLL or with a .NET executable that is grounded on the Exchange server by utilizing the ProxyShell vulnerability.

Read full article on GBHackers

Date:

6 November 2021

Categorie(s):

NEWS

Tag(s):

Babuk, Cyber Threats, Drop, Hacking, Ransomware

Multilogin Antidetect Browser Review 20244 May 2024
Navigating the API Security Landscape: A CEO’s Perspective on Embedding Zero Trust Principles4 May 2024
Lightsail VPN Review: Is Lightsail VPN Safe? [+Best Alternatives]4 May 2024
How Do I Know What New Casinos In New Zealand I Can Trust?4 May 2024
How To Secure Your Business In The Times Of All-pervasive Hackers4 May 2024