it-online.co.za Open in urlscan Pro
178.62.18.215  Public Scan

Form analysis
1 forms found in the DOM

GET https://it-online.co.za/

<form role="search" method="get" class="et-search-form" action="https://it-online.co.za/">
  <input type="search" class="et-search-field" placeholder="Search …" value="" name="s" title="Search for:">
</form>

Text Content

 * Home
 * About Us
 * Business IT
 * Channelwise
 * Subscribe

 * Africa
 * Company News
 * Industry Areas
   * Channel News
   * IT in Education
   * IT Consumables
   * IT in Financial Services
   * IT in Government
   * IT in Health
   * IT in Manufacturing
   * IT in Retail
   * IT in Sport
 * Technology Areas
   * Cloud Computing
   * Application Development
   * Application Software
   * Business Intelligence
   * Cloud Resources
   * Compliance
   * Contact Centres
   * Digital Lifestyle
   * Document Management
   * E-Commerce
   * Enterprise Business
   * Enterprise Mobility
   * Gaming
   * HR and Payroll
   * IT Service Management
   * Lifecycle Management
   * Linux & Open Source
   * Mobile Computing
   * Office Equipment
   * Peripheral Reviews
   * Personal Computers
   * Power & Cooling
   * Research
   * Risk Management
   * Security
   * Servers
   * Service Oriented Architecture
   * Storage
   * Supply Chain Management
   * Telecommunications
   * Unified Comms
   * Virtualisation
   * Visual Instruments
 * Mobile Lifestyle Hub


Select Page
 * Africa
 * Company News
 * Industry Areas
   * Channel News
   * IT in Education
   * IT Consumables
   * IT in Financial Services
   * IT in Government
   * IT in Health
   * IT in Manufacturing
   * IT in Retail
   * IT in Sport
 * Technology Areas
   * Cloud Computing
   * Application Development
   * Application Software
   * Business Intelligence
   * Cloud Resources
   * Compliance
   * Contact Centres
   * Digital Lifestyle
   * Document Management
   * E-Commerce
   * Enterprise Business
   * Enterprise Mobility
   * Gaming
   * HR and Payroll
   * IT Service Management
   * Lifecycle Management
   * Linux & Open Source
   * Mobile Computing
   * Office Equipment
   * Peripheral Reviews
   * Personal Computers
   * Power & Cooling
   * Research
   * Risk Management
   * Security
   * Servers
   * Service Oriented Architecture
   * Storage
   * Supply Chain Management
   * Telecommunications
   * Unified Comms
   * Virtualisation
   * Visual Instruments
 * Mobile Lifestyle Hub
 * Home
 * About Us
 * Business IT
 * Channelwise
 * Subscribe




BIG INCREASE IN MS EXCHANGE ATTACKS

Sep 2, 2021

The number of users attacked by exploits targeting vulnerabilities in Microsoft
Exchange Servers, blocked by Kaspersky products, grew by 170% in August from 7
342 to 19 839 users.

According to Kaspersky experts, this massive growth is linked to the increasing
number of attacks that attempt to exploit previously disclosed vulnerabilities
in the product, and the fact that users do not patch vulnerable software right
away, thereby widening the potential attack surface.

Vulnerabilities inside Microsoft Exchange Server caused a lot of chaos this
year. On 2 March 2021, the public learnt about “in-the-wild” exploitations of
zero-day vulnerabilities inside Microsoft Exchange Server, which were then
exploited in a wave of attacks on organisations worldwide.

Later in the year, Microsoft also patched a series of the so-called ProxyShell
vulnerabilities – CVE-2021-34473, CVE-2021-34523 and CVE-2021-31207.

Together these vulnerabilities represent a critical threat and enable an actor
to bypass authentication and execute code as a privileged user.

Even though the patches for these vulnerabilities were released a while ago,
cybercriminals did not hesitate to exploit them, with 74 274 Kaspersky users
encountering exploits for MS Exchange vulnerabilities in the past six months.

Furthermore, as the Cybersecurity and Infrastructure Security Agency (CISA) in
the US warned on 21 August, ProxyShell vulnerabilities are now actively
exploited by cybercriminals in a recent wave of attacks. In its advisory,
released on August 26, Microsoft explained that an Exchange server is vulnerable
if it is not running a Cumulative Update (CU) with at least the May Security
Update (SU).

According to Kaspersky telemetry, in the last week of the European summer, more
than 1 700 users were attacked using ProxyShell exploits daily, leading to the
number of users attacked in August 2021 to grow by 170% compared to July 2021.
This reflects the large scale problem these vulnerabilities represent, if left
unpatched.

“The fact that these vulnerabilities are being actively exploited comes as no
surprise – quite often, one-day vulnerabilities – the ones that have already
been disclosed and have patches released by developers – represent an even
bigger threat as they are known to a wider array of cybercriminals who try their
luck in penetrating any network they can get their hands on,” comments Evgeny
Lopatin, security researcher at Kaspersky.

“This active growth of attacks demonstrates once again why it is so essential to
patch vulnerabilities as soon as possible to prevent the networks from being
compromised. We strongly recommend following Microsoft’s recent advisory to
mitigate any wider risks.”


RELATED

Windows users urged to update softwareJune 9, 2021In "News"

Hafnium exploit strikes Microsoft Exchange serversMarch 8, 2021In "News"

How hackers are using Microsoft Exchange Server zero-day vulnerabilitiesMarch
16, 2021In "News"



 * Home
 * About Us
 * Business IT
 * Channelwise
 * Subscribe

 * Facebook
 * Twitter

Designed by Elegant Themes | Powered by WordPress