Microsoft Exchange Server Exploits Hit Retail, Government, Education
Attackers are taking advantage of newly reported Microsoft Exchange Server vulnerabilities, preying on victims who have not yet installed the appropriate patches released on March 2 by the tech giant. According to Mandiant, attackers utilized four critical zero-day exploits last week to target a range of organizations across retail, government, and higher education. Mandiant published a report on the matter and their findings last week. Although the attacks have been limited, they have spread across several different sectors.
Organizations included in the list of targets developed by Mandiant include infectious disease researchers, law firms, defense contractors, policy think tanks, and others. Cybersecurity researchers have found evidence linking the attacks to a group referred to as Hafnium, which is believed to be state-sponsored and operates out of China. Mandiant began to observe attacks on these particular Microsoft Exchange Server vulnerabilities after noticing abuse of the flaws against at least one client in January.