2 matches found
GhostContainer backdoor: malware compromising Exchange servers of high-value organizations in Asia
In a recent incident response IR case, we discovered highly customized malware targeting Exchange infrastructure within government environments. Analysis of detection logs and clues within the sample suggests that the Exchange server was likely compromised via a known N-day vulnerability. Our...
PT-2020-1715
Name of the Vulnerable Software and Affected Versions Microsoft Exchange Server affected versions not specified Description A remote code execution issue exists in Microsoft Exchange Server due to the failure to properly create unique keys during installation. This flaw, also referred to as a...