Researchers looked at the Lemon Duck hacking group’s most recent operations, which included exploiting Microsoft Exchange Server bugs and using decoy top-level domains. For thousands of organizations, the successful exploit of zero-day Microsoft Exchange Server vulnerabilities in the wild was a security nightmare.
ProxyLogon is a collection of four critical flaws that effect on-premises Microsoft Exchange Server 2013, 2016, and 2010. While patches, vulnerability identification tools, and mitigation guidance were made available in March, it is estimated that up to 60,000 organizations were still affected.
At least ten advanced persistent threat (APT) groups have used the bugs in attacks this year, and exploit code is now available as well.
To Read More: ZDNet