Categories: US-Cert-Repository

Updates on Microsoft Exchange Server Vulnerabilities

Original release date: April 12, 2021

CISA has added two new Malware Analysis Reports (MARs) to Alert AA21-062A: Mitigate Microsoft Exchange Server Vulnerabilities.

MAR-10330097-1.v1: DearCry Ransomware identifies ransomware that has been used to exploit compromised on-premises Exchange servers. The malware encrypts files on a device and demands ransom in exchange for decryption.
MAR-10331466-1.v1: China Chopper Webshell identifies a China Chopper webshell observed in post-compromised Microsoft Exchange Servers. After successfully exploiting a Microsoft Exchange Server vulnerability for initial accesses, a malicious cyber actor can upload a webshell to enable remote administration of the affected system.

CISA encourages users and administrators to review the following resources for more information:

CISA Alert AA21-062A: Mitigate Microsoft Exchange Server Vulnerabilities
CISA web page Remediating Microsoft Exchange Vulnerabilities
CISA web page Ransomware Guidance and Resources

This product is provided subject to this Notification and this Privacy & Use policy.

admin

Next Apply Microsoft April 2021 Security Update to Mitigate Newly Disclosed Microsoft Exchange Vulnerabilities »

Previous « Using Aviary to Analyze Post-Compromise Threat Activity in M365 Environments

Leave a Comment

Share

Published by

admin

5 years ago

Recent Posts

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on…

4 days ago

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on…

6 days ago

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-3502 TrueConf Client…

1 week ago

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on…

2 weeks ago

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on…

2 weeks ago

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on…

2 weeks ago

t
L

This website uses cookies.