Skip to main content

Microsoft: Exchange servers hacked to deploy BlackCat ransomware

  • June 14, 2022
  • 8 comments
  • 184 views
Link State
Forum|alt.badge.img+11

 

More bad news on the Exchange front, a new ransomware attack on MS mail systems.

Microsoft: Exchange servers hacked to deploy BlackCat ransomware (bleepingcomputer.com)

😓

Veeam: VMCA | VMCE | VMXP | Veeam Legend - Microsoft: MCITP | MCP | MCSA | 2008 R2 | 2012R2 | 2016 | MCSE Core Infrastructure | MCSE Cloud Platform - Azure: AZ900 | AZ104| AZ500|AZ305 - AWS Cloud Practitioner - VMWare: VCP-DCV Vsphere 7.x - Cisco: CCNA (Expired)
BertrandFR
Link State
marcofabbri

8 comments

marcofabbri
Forum|alt.badge.img+12
  • marcofabbri
  • On the path to Greatness
  • June 14, 2022

Yes, but it use the march 2021 CVE, fortunately not a new vulnerability.

Backups are like pizza, I love them. | Linkedin: @marco-fabbri-it
Chris.Childerhose
dips
dips
Forum|alt.badge.img+7
  • dips
  • On the path to Greatness
  • June 14, 2022

Wonder how many Exchange servers are still missing patches

Dipen N. K. | IT Security Specialist | Veeam Legend 2022 - 2025 | Cyber Security Space VUG Leader
Chris.Childerhose
Link State
Chris.Childerhose
Forum|alt.badge.img+21

Wow Exchange has become the new gateway for hackers. Amazing to see the number of vulnerabilities coming out.

Chris Childerhose - VMCA2024 | VMCE2023 | VMCE-SP2024 | Veeam Vanguard 8* | Veeam Legend 5* | VUG Canada Leader | vExpert 6* | Toronto VMUG Leader | VCAP-DCV/VCP-DCV | Object First Ace | Cisco Champion | Twitter: @cchilderhose | Blog Site – https://just-virtualization.tech
Link State
Link State
Forum|alt.badge.img+11
  • Link State
  • Author
  • Veeam Legend
  • June 14, 2022

Wow Exchange has become the new gateway for hackers. Amazing to see the number of vulnerabilities coming out.

BotNet Exchange 😆

Veeam: VMCA | VMCE | VMXP | Veeam Legend - Microsoft: MCITP | MCP | MCSA | 2008 R2 | 2012R2 | 2016 | MCSE Core Infrastructure | MCSE Cloud Platform - Azure: AZ900 | AZ104| AZ500|AZ305 - AWS Cloud Practitioner - VMWare: VCP-DCV Vsphere 7.x - Cisco: CCNA (Expired)
Chris.Childerhose
Chris.Childerhose
Forum|alt.badge.img+21

Wow Exchange has become the new gateway for hackers. Amazing to see the number of vulnerabilities coming out.

BotNet Exchange 😆

😋🤣

Chris Childerhose - VMCA2024 | VMCE2023 | VMCE-SP2024 | Veeam Vanguard 8* | Veeam Legend 5* | VUG Canada Leader | vExpert 6* | Toronto VMUG Leader | VCAP-DCV/VCP-DCV | Object First Ace | Cisco Champion | Twitter: @cchilderhose | Blog Site – https://just-virtualization.tech
vNote42
Forum|alt.badge.img+12
  • vNote42
  • On the path to Greatness
  • June 14, 2022

AAh!! BlackCat! they also hacked the government of a federal state here in Austria

https://www.bleepingcomputer.com/news/security/blackcat-alphv-ransomware-asks-5-million-to-unlock-austrian-state/

Wolfgang | vnote42.net | @vNote42
Chris.Childerhose
regnor
Forum|alt.badge.img+14
  • regnor
  • Veeam MVP
  • June 19, 2022

Would be interesting if the vulnerabilities didn't get patched by this victim or if the attackers had utilized it last year and only started their attack now.

Max M. | Systems Engineer @Veeam | VMCE/VMCA | VeeaMVP 2023 | former Legend & Vanguard
Chris.Childerhose
marcofabbri
marcofabbri
Forum|alt.badge.img+12
  • marcofabbri
  • On the path to Greatness
  • June 19, 2022

Would be interesting if the vulnerabilities didn't get patched by this victim or if the attackers had utilized it last year and only started their attack now.

Ah, that's totally possible!

Backups are like pizza, I love them. | Linkedin: @marco-fabbri-it
Chris.Childerhose
Terms & ConditionsAccessibility statement