Microsoft Exchange Services Targeted By New PowerShell Malware

A new PowerShell malware named PowerExchange is used to backdoor on-premise Microsoft Exchange servers.

The malware is linked to APT34 Iranian state hackers.

The initial vector of infection is phishing emails with a malicious archive. For further data and credentials stealing, a web shell named ExchangeLeech is used.


Read More

Got Something To Say?

Your email address will not be published.