The attack on Microsoft Exchange increased while WannaCry showed signs of return

The series of security flaws that have existed for a long time in Microsoft Exchange and have only recently been patched have attracted a lot of attention from both users and cybercriminals.

The attack on Microsoft Exchange increased while WannaCry showed signs of return

The reason is simple, the patch has been released by Microsoft to Exchange Server users around the world, but it will certainly take a long time for these updates to be fully applied due to Microsoft Exchange users. organizations and businesses are known primarily for delays in applying changes to their systems.

Indeed, recent statistics from cybersecurity firm Check Point have shown a significant increase in the number of attacks targeting the critical vulnerability cluster ProxyLogon existing on Microsoft Exchange servers. Meanwhile, Palo Alto Networks claims to have at least 125,000 unpatched servers worldwide. That means these are all potential targets for cybercriminals.

Even as Microsoft actively accelerates the distribution of patches to partners from March 2, 2021, the number of Exchange Server attacks continues to increase sharply, specifically tripling globally, up to to tens of thousands of recorded cases to date.

The Microsoft Exchange vulnerability still appeals to cybercriminals

As of March 14, there are about 82,000 vulnerable Exchange servers around the world, according to Microsoft's internal research. About a week later, that is, by the end of March, this number has dropped significantly to about 30,000 exposed servers, according to data from RiskIQ. Despite the sharp decline, the number is still quite high, showing that ProxyLogon vulnerabilities in Exchange Server are still an attractive target for hackers.

The attack on Microsoft Exchange increased while WannaCry showed signs of return Picture 1

Check Point's remote survey data last week showed more than 50,000 attack attempts globally involving Exchange Server, mostly targeting organizations in the government / military, manufacturing and banking sectors /. finance.

Microsoft Exchange Server is a popular email collaboration, calendar, and mailbox solution in the enterprise community. Users of this server are diverse, from giant corporations to small and medium businesses around the world. Therefore, successfully exploiting vulnerabilities in Exchange Server opens cybercriminals a huge opportunity to gain illegal profits from victim businesses.

Additionally, Microsoft says a ransomware variant called DearCry is taking advantage of the vulnerabilities to deploy ransomware on vulnerable Exchange servers.

WannaCry tends to make a comeback

In related news, despite being 'defeated' at the end of 2017, the number of security breaches related to the infamous WannaCry ransomware is showing signs of rebound.

In fact, this situation is in line with the general trend in the number of ransomware attacks worldwide in the past few months.

According to Check Point statistics, there has been a 57% increase in the number of ransomware attacks recorded in the past six months at a global level. More worrisome, the monthly increase since the beginning of 2021 is 9%.

Besides the commonly observed ransomware strains (Maze, Ryuk, REvil), Check Point noted that the number of organizations affected by WannaCry has increased by 53%.

' We found that the number of organizations affected by WannaCry increased more than 40 times in March 2021 compared to October 2020. New samples still use the EternalBlue exploit to spread the malware - has been with patches for more than 4 years ".

WannaCry ransomware spreads itself on computers using Windows operating systems. After being first discovered in May 2017, it quickly became one of the worst nightmares in the history of global cybersecurity with hundreds of thousands of computers infected, causing billions of losses. USD, followed by the collapse of countless businesses accidentally became victims.

With the efforts of all mankind, WannaCry is said to have been 'defeated' by the end of 2017. But in fact, it is not only not eradicated, but also showing signs of resurgence recently. .

Global security organizations continue to detect WannaCry every day, including many new variants that were designed to bypass patches aimed at it before. In January, for example, a new variant of WannaCry reached the top of the most popular ransomware in the US.

The attack on Microsoft Exchange increased while WannaCry showed signs of return Picture 2

The reason behind this bizarre trend is because WannaCry has deep access to thousands of systems that are still vulnerable to EternalBlue now accessible over the public internet.

Check Point observes a similar trend starting December 2020, with the number of attacks continuing to grow by more than 12,000 by March 2021.

The attack on Microsoft Exchange increased while WannaCry showed signs of return Picture 3

Thus, it can be seen that WannaCry is in fact still one of the popular and destructive malware types today. Raising vigilance against this ransomware strain is essential and should not be taken lightly.

All about WannaCry, Ransomware has been confusing for the past few days
the article will provide some knowledge about wannacry and the most important security tips you should take and share with your acquaintances to prevent computers from ransomware wannacry.
The Microsoft MSERT tool can find web shells related to the Exchange Server attack campaign
microsoft has just released a new update to msert, which comes with the ability to detect web shells deployed in recent exchange server attacks.
The more dangerous WannaCry version 2.0 has appeared
despite being stopped by a 22-year-old hero, the wannacry 2.0 version will be a new challenge for heroes.
The hacker group threatened to spread the network attack tool behind WannaCry
the tool used by the hacker group to create the wannacry global cyber attack is about to be released.
The hero destroys the captured WannaCry because he suspected of creating a trojan to attack the bank
marcus hutchins, a british malware researcher who successfully attacked the wannacry ransomware attack was arrested in las vegas on suspicion of writing malware.
Warning with 4 dangerous variants of WannaCry malware
the malicious code wannacry crippled the worldwide network in just a few hours after it appeared. in addition, 4 variants of wannacry malicious code are equally dangerous.
How to Return or Exchange a Book on Audible
this wikihow will show you how to return or exchange a book on audible if you're within 365 days of the original purchase. returns can be processed in a web browser using a computer, phone, or tablet. go to https://audible.com in a web...
6 warning signs of a heart attack in women should not be ignored
here are 6 warning signs of a heart attack in women should not be missed!
Prevent WannaCry variants by turning off this Windows 10 installation
the recent attack on wannacry has caused fever for the online community. although it has settled down, we should still be careful by protecting the computer from its variants. in this article, tipsmake.com will guide readers to prevent wannacry variants by turning off an installation on windows 10.
Download the free WannaCry malware checker now
the free wannacry malware checking tool is released from bkav, capable of checking whether a computer contains an eternalblue vulnerability. this is the flaw that wannacry took advantage of to invade the computer.
2 effective and free ways to check WannaCry
you are worried whether your computer is infected with wannacry ransomware, how to know if there are any vulnerabilities in the system as well as how to check wannacry malware. how to check wannacry or check ransomware wannacry effectively and for free with bkav checkwancry and vnist scanner tools will help you do that.
A month before your heart attack, your body will show 8 warning signs!
here are 8 important warning signs that may appear 1 month in advance or even earlier, indicating that you may have a heart attack. invite you to consult!