FBI agents have recently executed a court-authorized cyber-security operation to delete several malicious web shells. This was done from previously hacked Microsoft Exchange servers in the US, the US Department of Justice (DoJ) noted.
After a wave of critical in-the-wild zero-day attacks in the Exchange Server installations in January, tech-savvy organizations had scrambled to lock down vulnerable email servers of Microsoft. Besides, they removed web shells that were installed by the attackers.
In the past attacks observed by the tech giant, threat actors were able to exploit various vulnerabilities to access the on-premises Exchange servers.
Source: SecurityWeek