More than one third of incidents recorded by Cisco Talos in the past three months were related to four Microsoft Exchange Server zero-days first revealed in March.
A set of four vulnerabilities in Microsoft Exchange Server have emerged as the top target for attackers looking to break into networks.
Researchers with Cisco Talos Incident Response (CTIR) said in their latest quarterly report that over the last three months, some 35 percent of attacks targeted one of these four security bugs: CVE-2021-26855, CVE-2021-26857, CVE-2021-26858 and CVE-2021-27065. First disclosed in March by Microsoft, the Exchange Server vulnerabilities were part of a package of zero-day bugs that were under exploitation by a Chinese state-sponsored hacking operation known as Hafnium.
The attacks prompted Microsoft to issue a rare, out-of-band security update for Exchange Server. But despite the massive push to get servers updated against the flaws ...
Copyright of this story solely belongs to searchsecurity.techtarget.com . To see the full text click HERE