Microsoft: Exchange Ransomware activity against compromised on-premises Exchange servers remains limited. But it warns that organizations are far from out of the woods. Organizations that have patched the four flaws in Exchange must also undertake remediation actions, Microsoft says. The U.S. Cybersecurity and Infrastructure Agency released two new malware analysis reports describing variations of the China Chopper webshell observed in compromised Exchange servers. The company also describes an ongoing tussle among attack groups for control of compromised servers.”]
Source: https://www.cuinfosecurity.com/microsoft-exchange-ransomware-activity-limited-so-far-a-16271