Attacker leverages cryptominer to target Microsoft Exchange servers

Researchers on Tuesday reported that an unknown attacker hacked one Microsoft Exchange server as a means to install a malicious Monero cryptominer onto other Exchange servers to gain access.


The news came the same day Microsoft told its Exchange customers to run all the latest patches to mitigate the latest vulnerabilities, including new critical bugs, and was backed up by top cyber officials in the federal government.


In a blog post, SophosLabs said its team was inspecting telemetry when it came across this unusual attack targeting a customer’s Exchange servers – an indication that the Exchange supply chain hack will continue to cause headaches for security pros.


According to the researchers, “the attack begins with a PowerShell command to retrieve a file named win_r.zip from another compromised server’s Outlook Web Access logon path (/owa/auth).” Based on the Monero blo ..