How attackers target and exploit Microsoft Exchange servers

Microsoft Exchange servers are an ideal target for attackers looking to burrow into enterprise networks, says Microsoft, as “they provide a unique environment that could allow attackers to perform various tasks using the same built-in tools or scripts that admins use for maintenance.” And while they are not the initial entrance point in the majority of cases, the company has witnessed lately a rise in attacks aimed at compromising Exchange servers by exploiting an unpatched flaw – more specifically CVE-2020-0688, a patch for which was released in February 2020. While the attackers need to have compromised, valid email credentials to access the server before attempting to exploit the flaw, they are obviously succeeding in getting their hands on them.

Read full article on Help Net Security