Exchange servers first compromised by Chinese hackers hit with ransomware

Contributor
March 13, 2021
Uncategorized

reported the new family of ransomware deployment late Thursday, saying that it was being deployed after the initial compromise of servers. Microsoft’s name for the new family is Ransom:Win32/DoejoCrypt.A. The more common name is DearCry.

We have detected and are now blocking a new family of ransomware being used after an initial compromise of unpatched on-premises Exchange Servers. Microsoft protects against this threat known as Ransom:Win32/DoejoCrypt.A, and also as DearCry.

— Microsoft Security Intelligence (@MsftSecIntel) March 12, 2021

Piggybacking off Hafnium

Security firm Kryptos Logic said Friday afternoon that it has detected Hafnium-compromised Exchange servers that were later infected with ransomware. Kryptos Logic security researcher Marcus Hutchins told Ars that the ransomware is DearCry.

Read 11 remaining paragraphs | Comments

Libsyn Podcast : Skills Upgrade #7
Welcome back to “Skills Upgrade” a Talking Drupal mini-series following the journey of a D7 developer... The post Libsyn Podcast : Skills Upgrade #7 appeared first on LinuxPunx.
Unlock the Easiest Path to HA SQL Server in Kubernetes
DH2i’s DxEnterprise with Rancher Prime by SUSE provides an ideal, infrastructure-agnostic, streamlined, high availability solution empowering... The post Unlock the Easiest Path to HA SQL Server in Kubernetes appeared first on LinuxPunx.

Piggybacking off Hafnium

Related Posts

Pakistan shut down the internet – but that didn’t stop the protests

Passkeys may not be for you, but they are safe and easy—here’s why

The Download: open vs closed AI, and Google’s uneasy demo

Discover more from WHO WILL CARE eCommerce