• For Enquiry
  • 847-868-9253
  • 847-868-9208
  • Home
  • Why Choose CIO Landing?
    • Our Team
    • Success Stories
    • ‘8 Things’ We Do Better
    • Partners & Certifications
    • Our Services
  • Industry Expertise
    • Manufacturing
    • Medical
    • Education
    • Financial Services
    • Non-Profit
    • Law Firms
  • IT Solutions
    • Co-Managed Service
    • Managed IT Services
    • IT Support
      • On Demand Services
      • Office Moves & Wiring
      • Security
    • Server Management
    • Backup & Disaster Recovery
    • Cloud Services
    • CIO & IT Consulting
    • Cybersecurity Services
    • VoIP
    • Managed Firewall
    • Microsoft 365
      • Microsoft 365 Plans
        • Small Business
        • Enterprise
        • Education
    • Hardware & Software Sales
    • Email & Spam Protection
  • Resources
    • Free Copy Of New Book
    • Blog
    • Newsletter
    • Video Tips
      • Video Tips Archive
    • Free Cloud Report
    • IT Buyers Guide
    • Cybersecurity Crisis Report
    • Network Audit
    • COVID 19 Resources
    • In The NEWS
    • Online Training
  • About Us
    • Our Mission
    • Leadership
    • Teams
    • Referral Program
    • Press Releases
      • CIO Landing: More Than Just an IT
      • Small businesses can have an IT department too
      • CIO Landing, Inc. has joined forces with Banc Certified Merchant Services (BCMS).
    • Affiliations
    • Careers
      • Job Descriptions
    • FAQs
    • Causes We Support
    • Privacy Policy
    • Terms & Conditions
  • Locations
    • Northfield, IL
    • Northbrook, IL
    • Chicago, IL
    • Miami, FL
  • Support
✕
Microsoft May Have A Fix For Windows 10 Freezing Issue
May 12, 2022
Netflix Will Soon Crack Down On Password Sharing
May 14, 2022

Microsoft Exchange Servers Targeted By Hackers

May 13, 2022

If you rely on a Microsoft Exchange server to handle email for your company, there is something you should be aware of. Recent research by security and analytics company Varonis has discovered that an affiliate of Hive ransomware has begun targeting Exchange servers that are vulnerable to ProxyShell security issues.

If the group in question finds a vulnerable server, they’ll install a variety of backdoors including Cobalt Strike beacon. That allows them to come back later and snoop around in your network for anything of value, steal administrator account credentials, make off with your company’s proprietary data, or encrypt your files and demand payment from you to get them back.

The exploited flaws are being tracked as CVE-2021-34473, CVE-2021-34523, and CVE-2021-31297. All 3 range in severity from 7.2 (high) to 9.8 (critical).

This group is hardly unique in exploiting these flaws.  They’ve been used by other hacker groups including Cuba, Babuk, BlackByte, Conti, and others.  The fact that the exploits seem to be growing in popularity among the hacking community is the most troubling aspect of the recent discovery.

Hive has been around since at least June of last year (2021) and the group has evolved considerably since they first appeared. That prompted the FBI to release a report detailing their activities and tactics to better prepare IT professionals for attacks the group might make against their organizations.

In October 2021, the Hive gang added Linus and Free BSD variants to their growing bank of tricks and they became one of the most active ransomware operations as measured by the frequency of their attacks.

Just last month, researchers operating out of Sentinel Labs discovered that the group is utilizing a new obfuscation technique in a bid to better mask the malicious payloads they introduce to infected networks.

All of this points to the fact that the Hive group is actively working to improve the efficiency and effectiveness of their attacks.  Stay vigilant and be on the alert for this group.  They’ve got a well deserved reputation for being dangerous.

Share
63
taylor
taylor

Related posts

March 10, 2025

The Hidden Threat: How Gift Card Scams Are Targeting Businesses Like Yours

Read more
February 11, 2025

CIO Landing Named to CRN’s MSP 500 List for 2025—For the Third Year in a Row!

Read more
December 4, 2024

Unlocking the Power of Windows 11: Tips for Maximum Productivity

Read more
© 2025 All Rights Reserved | Powered by CIO Landing