APT group uses Exchange vulnerability to spy on hotels, businesses and governments

Cybersecurity company ESET has released new research into FamousSparrow, a cyberespionage group attacking hotels worldwide, as well as governments, international organizations, engineering companies and law firms. The Advanced Persistent Threat (APT) group FamousSparrow has been exploiting the Microsoft Exchange vulnerability known as ProxyLogon, which allows hackers to take control of Exchange servers. Attacks started as early as the day after patches for the ProxyLogon vulnerability were released in March 2021. "This is another reminder that it is critical to patch internet-facing applications quickly, or, if quick patching is not possible, to not expose them to the internet at all," says… [Continue Reading]