FBI Removing Web Shells From Infected Exchange Servers
FBI headquarters in Washington (Photo: Tim Evanson via Flickr/CC)
A federal court in Texas gave the FBI the go-ahead to remove malware from on-premises Microsoft Exchange servers at organizations infected in a wave of voluminous zero-day attacks earlier this year, the Department of Justice said on Tuesday.
Since Friday, the FBI has been removing web shells, or scripts that allow remote access, from Exchange servers belonging to organizations in at least eight states, according to an unsealed application for a search warrant released by the DOJ. The operation is authorized to run through April 23.
Microsoft: Exchange Ransomware Activity Limited So Far healthcareinfosecurity.com
BankInfoSecurity
May 5, 2021
It has been an open question as to how a half-dozen hacking groups began exploiting Exchange servers in an automated fashion in the days leading up to Microsoft's patches. But there are strong signs that exploit code leaked, and the question now is: Who leaked it?
A Taiwanese computer security researcher indicated on Friday that exploit code he developed and privately shared with Microsoft in early January ended up in hostile hands.
It's an unsatisfactory prospect that how the Exchange exploit leak occurred may never be solved. But it may direct questions back to Microsoft as to whether the MAPP is still worth it.
Over 400 Cyberattacks at US Public Schools in 2020 govinfosecurity.com