Compromised Microsoft Exchange Server Used to Host Cryptominer

Subscribe to Newsletters

Cybersecurity Risk Management FREE Event 4/22
Using MS Teams as Your Phone System – FREE Event 4/14
Earn (ISC)2 CPEs at Interop Digital, April 29

More Informa Tech Live Events

White Papers

What Elite Threat Hunters See That Others Miss: Case Study

Are We Cyber-Resilient? The Key Question Every Organization Must Answer

10 Must-Have Capabilities for Stopping Malicious Automation Checklist

SANS 2021 Cyber Threat Intelligence Survey

Cybersecurity Report Card

More White Papers

Video

All Videos

Cartoon

Post a Comment

Cartoon Archive

Current Issue

2021 Top Enterprise IT TrendsWe’ve identified the key trends that are poised to impact the IT landscape in 2021. Find out why they’re important and how they will affect you today!

Back Issues | Must Reads

Flash Poll

All Polls

How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.

Download Now!

Assessing Cybersecurity Risk in Today’s Enterprises

0 comments

The Malware Threat Landscape

0 comments

How Data Breaches Affect the Enterprise (2020)

0 comments

More Reports

Twitter Feed

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT’s National Vulnerability Database
CVE-2021-3460
PUBLISHED: 2021-04-13

The Motorola MH702x devices, prior to version 2.0.0.301, do not properly verify the server certificate during communication with the support server which could lead to the communication channel being accessible by an attacker.

CVE-2021-3462
PUBLISHED: 2021-04-13

A privilege escalation vulnerability in Lenovo Power Management Driver for Windows 10, prior to version 1.67.17.54, that could allow unauthorized access to the driver’s device object.

CVE-2021-3463
PUBLISHED: 2021-04-13

A null pointer dereference vulnerability in Lenovo Power Management Driver for Windows 10, prior to version 1.67.17.54, that could cause systems to experience a blue screen error.

CVE-2021-3471
PUBLISHED: 2021-04-13

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.

CVE-2021-3473
PUBLISHED: 2021-04-13

An internal product security audit of Lenovo XClarity Controller (XCC) discovered that the XCC configuration backup/restore password may be written to an internal XCC log buffer if Lenovo XClarity Administrator (LXCA) is used to perform the backup/restore. The backup/restore password typically exist…

The post Compromised Microsoft Exchange Server Used to Host Cryptominer appeared first on Malware Devil.

https://malwaredevil.com/2021/04/13/compromised-microsoft-exchange-server-used-to-host-cryptominer/?utm_source=rss&utm_medium=rss&utm_campaign=compromised-microsoft-exchange-server-used-to-host-cryptominer