{"id":131014,"date":"2021-11-21T16:22:59","date_gmt":"2021-11-22T00:22:59","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2021\/11\/microsoft-exchange-servers-hacked-in-internal-reply-chain-attacks"},"modified":"2021-11-21T16:22:59","modified_gmt":"2021-11-22T00:22:59","slug":"microsoft-exchange-servers-hacked-in-internal-reply-chain-attacks","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2021\/11\/microsoft-exchange-servers-hacked-in-internal-reply-chain-attacks","title":{"rendered":"Microsoft Exchange servers hacked in internal reply-chain attacks"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/microsoft-exchange-servers-hacked-in-internal-reply-chain-attacks2.jpg\"><\/a><\/p>\n<p>Threat actors are hacking Microsoft Exchange servers using ProxyShell and ProxyLogon exploits to distribute malware and bypass detection using stolen internal reply-chain emails.<\/p>\n<p>When threat actors conduct malicious email campaigns, the hardest part is to trick users into trusting the sender enough so that they open up linked to or included malware-distributing attachments.<\/p>\n<p>TrendMicro researchers have discovered an interesting tactic used of distributing malicious email to a company\u2019s internal users using the victim\u2019s compromised Microsoft exchange servers.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Threat actors are hacking Microsoft Exchange servers using ProxyShell and ProxyLogon exploits to distribute malware and bypass detection using stolen internal reply-chain emails. When threat actors conduct malicious email campaigns, the hardest part is to trick users into trusting the sender enough so that they open up linked to or included malware-distributing attachments. TrendMicro researchers [\u2026]<\/p>\n","protected":false},"author":396,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[34],"tags":[],"class_list":["post-131014","post","type-post","status-publish","format-standard","hentry","category-cybercrime-malcode"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/131014","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/396"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=131014"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/131014\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=131014"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=131014"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=131014"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}