Warning for MILLIONS of Microsoft users as ‘update-resistant’ threat spotted

By Kevin Colleran On Jul 2, 2022

MICROSOFT Exchange servers have been backdoored by threat actors worldwide.

Attackers are using a new malware to access Microsoft Exchange servers belonging to military and government entities in Europe, the Middle East, Africa and Asia.

Microsoft Exchange servers worldwide have been backdoored by threat actors.Credit: Getty

Dubbed SessionManager, the malicious software poses as an Internet Information Services (IIS) module.

IIS is the legitimate web server installed by default on Microsoft Exchange servers.

Typically, organizations enable IIS modules to streamline specific processes on their web infrastructure, per ARSTechnica.

Roughly 34 servers belonging to 24 organizations have been infected with SessionManager since March 2021, Security firm Kaspersky revealed.

Official warning for Internet Explorer users as Microsoft shuts down browser

Microsoft warning for BILLIONS as malicious files spotted – how to stay safe

As of June 2022, around 20 organizations remained infected, Kaspersky said in a blog post on Thursday.

What does SessionManager do?

SessionManager can accomplish a number of things for threat actors, according to a report by Bleeping Computer.

The malware can drop and manage arbitrary files on comprised servers, execute code remotely, and link the victim’s network to the bad actor’s network.

Kaspersky explained further: “The SessionManager backdoor enables threat actors to keep persistent, update-resistant and rather stealth access to the IT infrastructure of a targeted organization.”

“Once dropped into the victim’s system, cybercriminals behind the backdoor can gain access to company emails.”

They can also update malicious access by installing other types of malware or “clandestinely manage compromised servers, which can be leveraged as malicious infrastructure.”

How can I protect myself/my organization?

Backdoor attacks are difficult to detect, however, there are steps you can take to keep your device(s) safe.

For starters, use an Antivirus that can identify and prevent a wide range of malware, including trojans and spyware.

Be vigilant when downloading files from the internet as many of them can be compromised or loaded with malware.

Minecraft YouTuber passes away one year after cancer diagnosis

Denise and Charlie's daughter Lola, 17, involved in terrifying car crash

You will definitely also want to use a Firewall, which is considered essential for backdoor protection.

Firewalls monitor all incoming and outgoing traffic on your device – so if someone is trying to get into your device, the firewall will keep them out.

For all the latest Technology News Click Here

For the latest news and updates, follow us on Google News.

Read original article here

Denial of responsibility! TheDailyCheck is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected] The content will be deleted within 24 hours.