Home > Brands > Microsoft > REvil Linked To Another Exchange Server Breach

REvil Linked To Another Exchange Server Breach

REvil threat actors may be behind a new ransomware attack on Exchange servers, according to the ever-alert security company Sophos, which detected the attack.

The actors are apparently using set of PowerShell language scripts developed for encryption and weaponized to exploit vulnerabilities in corporate networks.

Sophos say they are exploiting flaws in unpatched Exchange Servers to attack the corporate network, according to recent research.

The new ransomware, dubbed Epsilon Red, was found during an investigation into an attack on a US company in the hospitality sector.

The potential link to the REvil group came in a ransom note left on infected computers, which resembles a note left behind by a REvil ransomware attack earlier this year.

Again, an unpatched enterprise Microsoft Exchange server was used as the point of entry.

You may also like
Microsoft Making Xbox Streaming Sticks For TVs
NSW Coppers Embrace Cloud Tech To Speed Investigation
Microsoft Wins US Antitrust OK For $16 Billion Purchase Of Nuance
Microsoft Announces Release Date For New Windows
MS Vax Booking System Still Not Operational In Victoria