Attacks exploiting Microsoft Exchange Server vulnerabilities to deploy keylogger malware have been launched against more than 30 government, financial, education, and IT organizations in Africa and the Middle East since 2021, reports The Hacker News. According to a report from Positive Technologies, initial exploitation of the ProxyShell bugs, tracked as CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207, allowed authentication bypass, privilege escalation, and remote code execution. The attackers then installed a keylogger on the main page of Exchange Server to enable exfiltration of account credentials from an internet-exposed file. Positive Technologies has not yet linked the attack campaign to a specific operation due to inadequate information.
Source: SC Magazine