×

Register to Access Intelligence Summary

First Name
Last Name
Job Title
Company
Country
State
Thank you!
Error - something went wrong!
   

Weekly Intelligence Summary 19 March

Four zero-day vulnerabilities in Microsoft Exchange Servers have been linked to more than 30,000 cyber attacks taking place in the week following their discovery. Prior to the flaws being revealed, Chinese nation-state threat actors had already exploited them to infiltrate numerous companies and access their data. Even since a patch was released, many other threat groups have found success using the vulnerabilities (including in ransomware attacks). This rapidly drove up the number of daily attacks between 11 and 17 of March 2021: from 700 to 7,200. Compounding the problem are proof of concept (PoC) exploit codes published on GitHub, which cybercriminals quickly shared on forums. The widespread use of the servers and distribution of PoCs will likely lead to persistent targeting of unpatched Exchange Servers in the short-term future (one to three months).

Previous Post
Weekly: Ransomware Resurgence - The Return of FIN8, DarkSide, and More!
Weekly: Ransomware Resurgence - The Return of FIN8, DarkSide, and More!

ShadowTalk hosts Stefano, Adam, Kim, and first-timer Chris bring you the latest in threat intelligence.

Next Post
Threat Intelligence Can Be Noisy: SearchLight Helps
Threat Intelligence Can Be Noisy: SearchLight Helps

Let’s start with a scenario. You’ve finally convinced the business to begin the journey of building up a th...

×

Threat Intel Fan?

Sign up below to get our TI updates delivered to your inbox!

First Name
Last Name
Company
Country
State- optional
Job Title
Thank you!
Error - something went wrong!