Microsoft flagship store in London. The company confirmed a new family of ransomware being used after an initial compromise of unpatched on-premises Exchange Servers. (Microsoft)
Microsoft confirmed “a new family of ransomware being used after an initial compromise of unpatched on-premises Exchange Servers,” via its Security Intelligence Twitter account.
The ransomware, called DoejoCrypt or DearCry, appears to be the latest threat associated with not patching the Hafnium Exchange Server vulnerabilities Microsoft first announced last week.
DoejoCrypt was first noticed on Thursday by researcher Michael Gillespie as attacking Exchange Server, with the connection to the Hafnium vulnerabilities quickly speculated.
Microsoft announced that a state-sponsored actor located in China breached on-premises Exchange Servers on Tuesday, March 2, the same day it issued a patch. The company named that hacker group Hafnium. Since then the number of clusters of distinct hacker activity researchers identified as taking advantage of those Exchange Server vulnerabilities has rapidly expanded. At least 30,000 servers have been brea ..
Support the originator by clicking the read the rest link below.
