Malicious Exchange Server Module Hoovers Up Outlook Credentials

“Owowa” stealthily lurks on IIS servers, waiting to harvest successful logins when an Outlook Web Access (OWA) authentication request is made. Researchers have uncovered a previously unknown malicious IIS module,…

Unpatched Microsoft Exchange Servers abused in new phishing campaign

The noteworthy aspect of this phishing campaign is that the emails were sent as replies to previously sent messages, which made them appear legitimate. According to the IT security…

IKEA Hit by Email Reply-Chain Cyberattack

IKEA, king of furniture-in-a-flat-box, warned employees on Friday that an ongoing cyberattack was using internal emails to malspam malicious links in active email threads. As of Friday – as in,…

Attackers Hijack Email Threads Using ProxyLogon/ProxyShell Flaws

Exploiting Microsoft Exchange ProxyLogon & ProxyShell vulnerabilities, attackers are malspamming replies in existing threads and slipping past malicious-email filters. Attackers are gnawing on the ProxyLogon and ProxyShell vulnerabilities in Microsoft…

Hackers Exploit ProxyLogon and ProxyShell Bugs in Phishing Blitz

Security researchers have warned attackers are abusing months-old Microsoft Exchange Server flaws to send convincing malware-laden phishing emails within organizations. A team…

The IT Sector Targeted by Iranian State Cybercriminals, Microsoft Says

Microsoft declares that Iranian cybercrime organizations have been trying to breach IT services businesses more frequently this year to collect credentials that they could further use to compromise the networks…

Squirrelwaffle Exploits ProxyShell and ProxyLogon to Hijack Email Chains

Trend Micro – Squirrelwaffle is known for using the tactic of sending malicious spam as…

Microsoft Exchange and Fortinet Vulnerabilities Exploited by Iranian APT

An APT assault generally involves a group of highly competent hackers with very specific targets and a “slow and steady” approach to planning and executing their crimes. As Elena mentioned, APT…

US, UK, and Australia pin Iran for exploiting Fortinet and Exchange holes

Cyber authorities across the US, UK, and Australia have called for administrators to immediately patch a quartet of vulnerabilities — CVE-2021-34473, 2020-12812, 2019-5591, and 2018-13379 — after…

Exchange, Fortinet Flaws Being Exploited by Iranian APT, CISA Warns

Meanwhile, a Microsoft analysis that followed six Iranian threat actor groups for over a year found them increasingly sophisticated, adapting and thriving. A state-backed Iranian threat actor has been using…