Hackers broke into Microsoft services

The attackers organized attacks on Microsoft Exchange users. This is reported by the publication Bleeping Computer.

At the Black Hat conference, security specialist Orange Tsai told about the vulnerabilities, united under the common name ProxyShell. Currently, experts mention three types of vulnerabilities under the names CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207. Malware creators scan the network in search of unprotected corporate systems and introduce modified programs into them.

Attackers use the web shell of the service to download special software to a folder with remote access. Documents are created in the Windows system partition at C:\Windows\System32 and in the root directory of the Microsoft Exchange program itself, used for exchanging messages and documents in a corporate environment. Also, the creators of the virus software run a remote loader ApplicationUpdate.exe, which opens the executable file ApplicationUpdate.exe every day at one o’clock in the morning.

According to experts, they know the methods of hacking and the web addresses with which unknown people hack into the corporate networks of Microsoft customers. The authors noticed that those users who do not update Microsoft Exchange are at risk. In this regard, experts advise you to install updates from Microsoft on your computers regularly.

If you have found a spelling error, please, notify us by selecting that text and pressing Ctrl+Enter.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Author: Ivan Maltsev
The study of political and social problems of different countries of the world. Analysis of large companies on the world market. Observing world leaders in the political arena.
Function: Chief-Editor
E-mail: Great7news@gmail.com
Ivan Maltsev

Spelling error report

The following text will be sent to our editors: