Microsoft and the Ukraine CERT warn of new attacks by the Russian state-sponsored Turla hacking group, targeting the defense industry and Microsoft Exchange servers with a new 'DeliveryCheck' malware backdoor.
This doesn’t make a lot of sense to me. No on prem Exchange admin worth a damn is reading emails on the server, or reading their email and opening excel files and enabling macros in them using their admin account for that matter. The bare minimum of security practices will stop this thing before it ever gets started.
This doesn’t make a lot of sense to me. No on prem Exchange admin worth a damn is reading emails on the server, or reading their email and opening excel files and enabling macros in them using their admin account for that matter. The bare minimum of security practices will stop this thing before it ever gets started.