Cyber Espionage, new global campaign by Cicada
Symantec cybersecurity experts: The China-linked APT used unpatched vulnerabilities in Microsoft Exchange, the Sodamaster backdoor and other custom malware and tools.
Cybercrime, Owowa steals Microsoft Exchange credentials
Kaspersky cybersecurity experts: It’s a IIS module that steals data entered by a user when logging into OWA. It also allows remote access to targeted servers.
Cybercrime, Prometei botnet exploits some Microsoft Exchange vulnerabilities
Cybereason cybersecurity experts: The malware can infect both Windows and Linux systems and has been upgraded with backdoor capabilities.
Cyber security, new RCE flaw on Microsoft Exchange Server
The researcher Steven Seeley: It’s due to improper validation of cmdlet arguments. Exploitation requires an authenticated user in a certain role. Patches have been released.
Is APT34 responsible for the Jason cyber espionage tool?
The cyber security expert, Marco Ramilli, analyzed it to match the clues e find if Iranian state-sponsored hackers are behind the operation. Something says Yes, something diverge.