Home > Brands > Microsoft > REvil Linked To Another Exchange Server Breach

REvil Linked To Another Exchange Server Breach

REvil threat actors may be behind a new ransomware attack on Exchange servers, according to the ever-alert security company Sophos, which detected the attack.

The actors are apparently using set of PowerShell language scripts developed for encryption and weaponized to exploit vulnerabilities in corporate networks.

Sophos say they are exploiting flaws in unpatched Exchange Servers to attack the corporate network, according to recent research.

The new ransomware, dubbed Epsilon Red, was found during an investigation into an attack on a US company in the hospitality sector.

The potential link to the REvil group came in a ransom note left on infected computers, which resembles a note left behind by a REvil ransomware attack earlier this year.

Again, an unpatched enterprise Microsoft Exchange server was used as the point of entry.

You may also like
Mass Microsoft Exodus As Employees Quit
Microsoft Teams With Qualcomm For AR Headset
CES Still Going Ahead Despite Tech Industry Walk Out
Microsoft, Apple, Adobe Shares Fall Overnight
Over 40% Of Global Networks Under Attack, Thanks To Log4j Security Flaw