Updates on Microsoft Exchange Server Vulnerabilities

Original release date: April 12, 2021

CISA has added two new Malware Analysis Reports (MARs) to Alert AA21-062A: Mitigate Microsoft Exchange Server Vulnerabilities.

MAR-10330097-1.v1: DearCry Ransomware identifies ransomware that has been used to exploit compromised on-premises Exchange servers. The malware encrypts files on a device and demands ransom in exchange for decryption.
MAR-10331466-1.v1: China Chopper Webshell identifies a China Chopper webshell observed in post-compromised Microsoft Exchange Servers. After successfully exploiting a Microsoft Exchange Server vulnerability for initial accesses, a malicious cyber actor can upload a webshell to enable remote administration of the affected system.

CISA encourages users and administrators to review the following resources for more information:

This product is provided subject to this Notification and this Privacy & Use policy.

admin

Cisco Releases Security Bundle for Cisco ASA, FMC, and FTD Software

Cisco released its October 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled…

10 hours ago

CISA released four Industrial Control Systems (ICS) advisories on October 24, 2024. These advisories provide…

1 day ago

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of…

2 days ago

Today, CISA—along with U.S. and international partners—released joint guidance, Safe Software Deployment: How Software Manufacturers…

3 days ago

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of…

4 days ago

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of…

5 days ago

This website uses cookies.