Microsoft IOC Detection Tool for Exchange Server vulnerabilities

Fortify Security Team
Mar 16, 2021

Microsoft has released the EOMT.ps1 tool, which can automate portions of both the detection and patching process and help your organization check for indicators of compromise (IOCs) by running the Microsoft IOC Detection Tool for Exchange Server Vulnerabilities.

In addition, CISA has added seven Malware Analysis Reports (MARs) to Alert AA21-062A: Mitigate Microsoft Exchange Server Vulnerabilities: https://us-cert.cisa.gov/ncas/alerts/aa21-062a. Each MAR identifies a webshell associated with exploitation of the vulnerabilities in Microsoft Exchange Server products. After successfully exploiting a Microsoft Exchange Server vulnerability for initial access, a malicious cyber actor can upload a webshell to enable remote administration of the affected system.

CISA has also added information on ransomware activity associated with exploitation of the Exchange Server products, including DearCry ransomware.

CISA encourages users and administrators to review the following resources for more information.
