Lock File Case

U.S Cyber security and infrastructure security agency is warning of an active ransomware Lock File on  Microsoft Exchange. The ransomware enables bypass ACL controls, takes over Microsoft Exchange Powershell backend and permit the ransomware to remote code execution. More than a 150 web shells have been detected across 1,900 unpatched exchanger servers.

 

Best,

Bingo

 

 

References:

 

https://thehackernews.com/2021/08/microsoft-exchange-under-attack-with.html

 

https://illinoisnewstoday.com/microsoft-exchange-server-being-hacked-by-the-new-lockfile-ransomware/355511/

 

https://www.bleepingcomputer.com/news/microsoft/microsoft-exchange-servers-scanned-for-proxyshell-vulnerability-patch-now/