{"id":3504,"date":"2021-08-14T09:35:00","date_gmt":"2021-08-14T07:35:00","guid":{"rendered":"https:\/\/fr.koddos.net\/blog\/?p=3504"},"modified":"2021-08-16T09:55:37","modified_gmt":"2021-08-16T07:55:37","slug":"les-hackers-attirent-lattention-sur-les-serveurs-microsoft-exchange-vulnerables","status":"publish","type":"post","link":"https:\/\/fr.koddos.net\/blog\/les-hackers-attirent-lattention-sur-les-serveurs-microsoft-exchange-vulnerables\/","title":{"rendered":"LES HACKERS ATTIRENT L&rsquo;ATTENTION SUR LES SERVEURS MICROSOFT EXCHANGE VULN\u00c9RABLES"},"content":{"rendered":"\n<p>Un rapport r\u00e9cent <strong><a href=\"https:\/\/thehackernews.com\/2021\/08\/hackers-actively-searching-for.html\">a r\u00e9v\u00e9l\u00e9<\/a> <\/strong>que les attaquants analysent et exploitent les serveurs Exchange via une cha\u00eene d&rsquo;exploitation inconnue.<\/p>\n\n\n\n<p>Selon le rapport, les hackers profitent de trois s\u00e9ries de failles qui affectent les installations sur site. Cela fait suite \u00e0 l&rsquo;exploitation massive des vuln\u00e9rabilit\u00e9s ProxyLogon au d\u00e9but de l&rsquo;ann\u00e9e.<\/p>\n\n\n\n<p><strong>30 000 syst\u00e8mes d\u00e9j\u00e0 touch\u00e9s<\/strong><\/p>\n\n\n\n<p>Selon les chercheurs en s\u00e9curit\u00e9 qui ont d\u00e9couvert l&rsquo;exploitation, environ 30 000 machines sont d\u00e9j\u00e0 touch\u00e9es par les bugs, et les failles d&rsquo;ex\u00e9cution de code \u00e0 distance sont appel\u00e9es \u00ab\u00a0ProxyShell\u00a0\u00bb.<\/p>\n\n\n\n<p>Le SANS Internet Storm Center a effectu\u00e9 une analyse des vuln\u00e9rabilit\u00e9s et a d\u00e9couvert que d&rsquo;autres syst\u00e8mes pouvaient encore \u00eatre touch\u00e9s.<\/p>\n\n\n\n<p>Richard Warren de NCC Group a tweet\u00e9 au sujet des vuln\u00e9rabilit\u00e9s, en disant que l&rsquo;une des intrusions a conduit au d\u00e9ploiement de \u00ab\u00a0C# aspx webshell dans le r\u00e9pertoire \/aspnet_client\/\u00a0\u00bb.<\/p>\n\n\n\n<p>Il a \u00e9galement d\u00e9clar\u00e9 que le groupe a commenc\u00e9 \u00e0 remarquer des exploits sauvages contre l&rsquo;infrastructure de honeypot de la plateforme pour les vuln\u00e9rabilit\u00e9s ProxyShell d&rsquo;\u00e9change.<\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-rich is-provider-twitter wp-block-embed-twitter\"><div class=\"wp-block-embed__wrapper\">\n<blockquote class=\"twitter-tweet\" data-width=\"550\" data-dnt=\"true\"><p lang=\"en\" dir=\"ltr\">Started to see in the wild exploit attempts against our honeypot infrastructure for the Exchange ProxyShell vulnerabilities. This one dropped a c# aspx webshell in the \/aspnet_client\/ directory: <a href=\"https:\/\/t.co\/XbZfmQQNhY\">pic.twitter.com\/XbZfmQQNhY<\/a><\/p>&mdash; Rich Warren (@buffaloverflow) <a href=\"https:\/\/twitter.com\/buffaloverflow\/status\/1425831100157349890?ref_src=twsrc%5Etfw\">August 12, 2021<\/a><\/blockquote><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script>\n<\/div><\/figure>\n\n\n\n<p>Le correctif pour ProxyLogon a \u00e9t\u00e9 publi\u00e9 plus t\u00f4t dans Match cette ann\u00e9e. La vuln\u00e9rabilit\u00e9 est repr\u00e9sent\u00e9e par CVE-2021-26855, qui est un bug de falsification de requ\u00eate c\u00f4t\u00e9 serveur dans le serveur Exchange. Ce bug permet \u00e0 un acteur malveillant d&rsquo;avoir un acc\u00e8s complet au serveur vuln\u00e9rable de l&rsquo;administrateur. Une fois qu&rsquo;il a mis la main sur les contr\u00f4les administratifs, il peut la combiner avec la vuln\u00e9rabilit\u00e9 d&rsquo;\u00e9criture de fichier arbitraire, repr\u00e9sent\u00e9e par CVE-2021-27065, pour r\u00e9ussir \u00e0 \u00e9tablir une ex\u00e9cution de code.<\/p>\n\n\n\n<p><strong>Les auteurs de la menace sont li\u00e9s \u00e0 un groupe de hackers parrain\u00e9 par P\u00e9kin<\/strong><\/p>\n\n\n\n<p>Les vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 remarqu\u00e9es et expos\u00e9es apr\u00e8s que le g\u00e9ant de la technologie Microsoft a r\u00e9v\u00e9l\u00e9 l&rsquo;existence d&rsquo;un groupe de hackers parrain\u00e9 par P\u00e9kin. Ce dernier a utilis\u00e9 les vuln\u00e9rabilit\u00e9s pour lancer des attaques r\u00e9p\u00e9t\u00e9es contre des entreprises am\u00e9ricaines afin d&rsquo;exfiltrer des informations. Toutefois, \u00e0 l&rsquo;\u00e9poque, Microsoft a qualifi\u00e9 ces attaques de limit\u00e9es et cibl\u00e9es.<\/p>\n\n\n\n<p>Il semble que les hackers utilisent d\u00e9sormais une strat\u00e9gie plus directe pour tirer parti des anciennes vuln\u00e9rabilit\u00e9s d\u00e9couvertes sur les serveurs Microsoft Exchange.<\/p>\n\n\n\n<p>Depuis que Microsoft a d\u00e9masqu\u00e9 les hackers bas\u00e9s \u00e0 P\u00e9kin, elle a publi\u00e9 des correctifs pour environ six des failles. Deux des failles corrig\u00e9es \u00e9taient connues sous le nom de ProxyOracle, qui permet \u00e0 un acteur malveillant d&rsquo;utiliser un format en texte clair pour obtenir le mot de passe de l&rsquo;utilisateur.<\/p>\n\n\n\n<p>Cependant, Microsoft doit encore relever des d\u00e9fis pour r\u00e9soudre d&rsquo;autres probl\u00e8mes. Trois de ces probl\u00e8mes peuvent \u00eatre exploit\u00e9s par un attaquant en contournant les contr\u00f4les ACL, selon le rapport. Lorsque les hackers r\u00e9ussissent l&rsquo;exploitation, cela peut leur donner certains privil\u00e8ges \u00e9lev\u00e9s sur le backend PowerShell d&rsquo;Exchange. Cela peut donner \u00e0 l&rsquo;attaquant une authentification efficace, conduisant \u00e0 l&rsquo;ex\u00e9cution de code \u00e0 distance.<\/p>\n\n\n\n<p>Microsoft a admis que les deux CVE-2021-34523 et CVE-2021-34473 ont \u00e9t\u00e9 involontairement exclus de la publication jusqu&rsquo;en juillet.<\/p>\n\n\n\n<p><strong>Les organisations sont invit\u00e9es \u00e0 installer les mises \u00e0 jour<\/strong><\/p>\n\n\n\n<p>Orange Tsai, un chercheur de DEVCORE, a initialement divulgu\u00e9 les d\u00e9tails techniques de la cha\u00eene d&rsquo;attaque ProxyShell lors de la r\u00e9cente conf\u00e9rence sur la s\u00e9curit\u00e9 DEF CON et Black Hat USA 2021.<\/p>\n\n\n\n<p>Les chercheurs en s\u00e9curit\u00e9 ont conseill\u00e9 aux utilisateurs ce qu&rsquo;ils doivent faire pour emp\u00eacher les tentatives d&rsquo;exploitation par les acteurs de la menace. Les organisations ont \u00e9t\u00e9 invit\u00e9es \u00e0 installer les mises \u00e0 jour publi\u00e9es par Microsoft d\u00e8s que possible.<\/p>\n\n\n\n<p>Microsoft a d\u00e9clar\u00e9 que des correctifs pour les vuln\u00e9rabilit\u00e9s suivantes sont disponibles.<\/p>\n\n\n\n<p>Parmi celles-ci figurent : <strong><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2021-33768\">CVE-2021-33768<\/a><\/strong>, <strong><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2021-34523\">CVE-2021-34523<\/a><\/strong>, <strong><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2021-34473\">CVE-2021-34473<\/a><\/strong>, <strong><a href=\"https:\/\/thehackernews.com\/2021\/05\/latest-microsoft-windows-updates-patch.html\">CVE-2021-31207<\/a><\/strong>, <strong><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2021-31196\">CVE-2021-31196<\/a><\/strong>, <strong><a href=\"https:\/\/thehackernews.com\/2021\/05\/latest-microsoft-windows-updates-patch.html\">CVE-2021-31195<\/a><\/strong>, <strong><a href=\"https:\/\/thehackernews.com\/2021\/03\/microsoft-issues-security-patches-for.html\">CVE-2021-27065<\/a><\/strong>, et <strong><a href=\"https:\/\/thehackernews.com\/2021\/03\/microsoft-issues-security-patches-for.html\">CVE-2021-26857<\/a><\/strong>.<\/p>\n\n\n\n<p>Les mises \u00e0 jour sont disponibles depuis le 13 mars 2021. Microsoft a \u00e9galement averti que les organisations qui n&rsquo;ont pas appliqu\u00e9 les mises \u00e0 jour courent un risque plus \u00e9lev\u00e9 d&rsquo;\u00eatre exploit\u00e9es.<\/p>\n\n\n\n<p><strong>Les serveurs Microsoft Exchange subissent des attaques r\u00e9p\u00e9t\u00e9es<\/strong><\/p>\n\n\n\n<p>Ce n&rsquo;est pas la premi\u00e8re fois que les serveurs Microsoft Exchange sont vuln\u00e9rables aux attaques. En mars de cette ann\u00e9e, environ 30 000 organisations bas\u00e9es aux \u00c9tats-Unis ont \u00e9t\u00e9 touch\u00e9es par une cyberattaque orchestr\u00e9e par le cyberespionnage chinois. L&rsquo;attaque a touch\u00e9 des administrations locales, des villes et des petites entreprises. Les attaquants ont fait une perc\u00e9e gr\u00e2ce \u00e0 quatre vuln\u00e9rabilit\u00e9s dans le logiciel de messagerie Microsoft Exchange Server, car ils ont vol\u00e9 les courriels des organisations victimes.<\/p>\n\n\n\n<p>Ensuite, Microsoft a d\u00e9clar\u00e9 que les serveurs d&rsquo;\u00e9change avaient \u00e9t\u00e9 pris pour cible par un groupe de hackers chinois inconnu jusqu&rsquo;alors et surnomm\u00e9 \u00ab\u00a0Hafnium\u00a0\u00bb. Selon le g\u00e9ant technologique, le groupe a men\u00e9 des attaques cibl\u00e9es sur plusieurs syst\u00e8mes de messagerie \u00e9lectronique utilis\u00e9s par diff\u00e9rentes organisations dans un large \u00e9ventail de secteurs. Il s&rsquo;agit notamment d&rsquo;ONG, de groupes de r\u00e9flexion politique, d&rsquo;entreprises de d\u00e9fense, d&rsquo;\u00e9tablissements d&rsquo;enseignement sup\u00e9rieur, de cabinets d&rsquo;avocats et de chercheurs en maladies infectieuses.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Un rapport r\u00e9cent a r\u00e9v\u00e9l\u00e9 que les attaquants analysent et exploitent les serveurs Exchange via une cha\u00eene d&rsquo;exploitation inconnue. Selon le rapport, les hackers profitent de trois s\u00e9ries de failles qui affectent les installations sur site. Cela fait suite \u00e0 l&rsquo;exploitation massive des vuln\u00e9rabilit\u00e9s ProxyLogon au d\u00e9but de l&rsquo;ann\u00e9e. 30 000 syst\u00e8mes d\u00e9j\u00e0 touch\u00e9s Selon &hellip; <a href=\"https:\/\/fr.koddos.net\/blog\/les-hackers-attirent-lattention-sur-les-serveurs-microsoft-exchange-vulnerables\/\" class=\"more-link\">Continue reading <span class=\"screen-reader-text\">LES HACKERS ATTIRENT L&rsquo;ATTENTION SUR LES SERVEURS MICROSOFT EXCHANGE VULN\u00c9RABLES<\/span><\/a><\/p>\n","protected":false},"author":5,"featured_media":937,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[6],"tags":[],"class_list":["post-3504","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-actualite"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>LES HACKERS ATTIRENT L&#039;ATTENTION SUR LES SERVEURS MICROSOFT EXCHANGE VULN\u00c9RABLES - Blog KoDDoS<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/fr.koddos.net\/blog\/les-hackers-attirent-lattention-sur-les-serveurs-microsoft-exchange-vulnerables\/\" \/>\n<meta property=\"og:locale\" content=\"fr_FR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"LES HACKERS ATTIRENT L&#039;ATTENTION SUR LES SERVEURS MICROSOFT EXCHANGE VULN\u00c9RABLES - Blog KoDDoS\" \/>\n<meta property=\"og:description\" content=\"Un rapport r\u00e9cent a r\u00e9v\u00e9l\u00e9 que les attaquants analysent et exploitent les serveurs Exchange via une cha\u00eene d&rsquo;exploitation inconnue. Selon le rapport, les hackers profitent de trois s\u00e9ries de failles qui affectent les installations sur site. Cela fait suite \u00e0 l&rsquo;exploitation massive des vuln\u00e9rabilit\u00e9s ProxyLogon au d\u00e9but de l&rsquo;ann\u00e9e. 30 000 syst\u00e8mes d\u00e9j\u00e0 touch\u00e9s Selon &hellip; Continue reading LES HACKERS ATTIRENT L&rsquo;ATTENTION SUR LES SERVEURS MICROSOFT EXCHANGE VULN\u00c9RABLES\" \/>\n<meta property=\"og:url\" content=\"https:\/\/fr.koddos.net\/blog\/les-hackers-attirent-lattention-sur-les-serveurs-microsoft-exchange-vulnerables\/\" \/>\n<meta property=\"og:site_name\" content=\"Blog KoDDoS\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/koddosCom\" \/>\n<meta property=\"article:published_time\" content=\"2021-08-14T07:35:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-08-16T07:55:37+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/i1.wp.com\/fr.koddos.net\/blog\/wp-content\/uploads\/2019\/06\/Microsoft-Warns-Users-Not-to-Enable-Macros-or-They-Could-Be-Hit-by-Malware.jpg?fit=880%2C543&ssl=1\" \/>\n\t<meta property=\"og:image:width\" content=\"880\" \/>\n\t<meta property=\"og:image:height\" content=\"543\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"KoDDoS\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@koddoscom\" \/>\n<meta name=\"twitter:site\" content=\"@koddoscom\" \/>\n<meta name=\"twitter:label1\" content=\"\u00c9crit par\" \/>\n\t<meta name=\"twitter:data1\" content=\"KoDDoS\" \/>\n\t<meta name=\"twitter:label2\" content=\"Dur\u00e9e de lecture estim\u00e9e\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/les-hackers-attirent-lattention-sur-les-serveurs-microsoft-exchange-vulnerables\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/les-hackers-attirent-lattention-sur-les-serveurs-microsoft-exchange-vulnerables\\\/\"},\"author\":{\"name\":\"KoDDoS\",\"@id\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/#\\\/schema\\\/person\\\/d22f7fb31dc4d117c9eb5c9cfe533f85\"},\"headline\":\"LES HACKERS ATTIRENT L&rsquo;ATTENTION SUR LES SERVEURS MICROSOFT EXCHANGE VULN\u00c9RABLES\",\"datePublished\":\"2021-08-14T07:35:00+00:00\",\"dateModified\":\"2021-08-16T07:55:37+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/les-hackers-attirent-lattention-sur-les-serveurs-microsoft-exchange-vulnerables\\\/\"},\"wordCount\":927,\"publisher\":{\"@id\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/les-hackers-attirent-lattention-sur-les-serveurs-microsoft-exchange-vulnerables\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/i0.wp.com\\\/fr.koddos.net\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/06\\\/Microsoft-Warns-Users-Not-to-Enable-Macros-or-They-Could-Be-Hit-by-Malware.jpg?fit=880%2C543&ssl=1\",\"articleSection\":[\"Actualit\u00e9s\"],\"inLanguage\":\"fr-FR\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/les-hackers-attirent-lattention-sur-les-serveurs-microsoft-exchange-vulnerables\\\/\",\"url\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/les-hackers-attirent-lattention-sur-les-serveurs-microsoft-exchange-vulnerables\\\/\",\"name\":\"LES HACKERS ATTIRENT L'ATTENTION SUR LES SERVEURS MICROSOFT EXCHANGE VULN\u00c9RABLES - Blog KoDDoS\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/les-hackers-attirent-lattention-sur-les-serveurs-microsoft-exchange-vulnerables\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/les-hackers-attirent-lattention-sur-les-serveurs-microsoft-exchange-vulnerables\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/i0.wp.com\\\/fr.koddos.net\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/06\\\/Microsoft-Warns-Users-Not-to-Enable-Macros-or-They-Could-Be-Hit-by-Malware.jpg?fit=880%2C543&ssl=1\",\"datePublished\":\"2021-08-14T07:35:00+00:00\",\"dateModified\":\"2021-08-16T07:55:37+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/les-hackers-attirent-lattention-sur-les-serveurs-microsoft-exchange-vulnerables\\\/#breadcrumb\"},\"inLanguage\":\"fr-FR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/les-hackers-attirent-lattention-sur-les-serveurs-microsoft-exchange-vulnerables\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/les-hackers-attirent-lattention-sur-les-serveurs-microsoft-exchange-vulnerables\\\/#primaryimage\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/fr.koddos.net\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/06\\\/Microsoft-Warns-Users-Not-to-Enable-Macros-or-They-Could-Be-Hit-by-Malware.jpg?fit=880%2C543&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/fr.koddos.net\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/06\\\/Microsoft-Warns-Users-Not-to-Enable-Macros-or-They-Could-Be-Hit-by-Malware.jpg?fit=880%2C543&ssl=1\",\"width\":880,\"height\":543},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/les-hackers-attirent-lattention-sur-les-serveurs-microsoft-exchange-vulnerables\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Accueil\",\"item\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"LES HACKERS ATTIRENT L&rsquo;ATTENTION SUR LES SERVEURS MICROSOFT EXCHANGE VULN\u00c9RABLES\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/\",\"name\":\"Blog KoDDoS\",\"description\":\"Blog KoDDoS est un blog d\u2019information et d\u2019actualit\u00e9 focalis\u00e9 sur le hacking, la cyber criminalit\u00e9, la vie priv\u00e9e et la surveillance.\",\"publisher\":{\"@id\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"fr-FR\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/#organization\",\"name\":\"KoDDoS\",\"url\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/i1.wp.com\\\/fr.koddos.net\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/02\\\/logo.png?fit=258%2C55&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i1.wp.com\\\/fr.koddos.net\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/02\\\/logo.png?fit=258%2C55&ssl=1\",\"width\":258,\"height\":55,\"caption\":\"KoDDoS\"},\"image\":{\"@id\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/koddosCom\",\"https:\\\/\\\/x.com\\\/koddoscom\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/#\\\/schema\\\/person\\\/d22f7fb31dc4d117c9eb5c9cfe533f85\",\"name\":\"KoDDoS\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/239872ddb935e40a5bf46e7421e0fdd8419ae8e91164a61d84219911f7648c73?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/239872ddb935e40a5bf46e7421e0fdd8419ae8e91164a61d84219911f7648c73?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/239872ddb935e40a5bf46e7421e0fdd8419ae8e91164a61d84219911f7648c73?s=96&d=mm&r=g\",\"caption\":\"KoDDoS\"},\"url\":\"https:\\\/\\\/fr.koddos.net\\\/blog\\\/author\\\/oiyndjepop\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"LES HACKERS ATTIRENT L'ATTENTION SUR LES SERVEURS MICROSOFT EXCHANGE VULN\u00c9RABLES - Blog KoDDoS","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/fr.koddos.net\/blog\/les-hackers-attirent-lattention-sur-les-serveurs-microsoft-exchange-vulnerables\/","og_locale":"fr_FR","og_type":"article","og_title":"LES HACKERS ATTIRENT L'ATTENTION SUR LES SERVEURS MICROSOFT EXCHANGE VULN\u00c9RABLES - Blog KoDDoS","og_description":"Un rapport r\u00e9cent a r\u00e9v\u00e9l\u00e9 que les attaquants analysent et exploitent les serveurs Exchange via une cha\u00eene d&rsquo;exploitation inconnue. Selon le rapport, les hackers profitent de trois s\u00e9ries de failles qui affectent les installations sur site. Cela fait suite \u00e0 l&rsquo;exploitation massive des vuln\u00e9rabilit\u00e9s ProxyLogon au d\u00e9but de l&rsquo;ann\u00e9e. 30 000 syst\u00e8mes d\u00e9j\u00e0 touch\u00e9s Selon &hellip; Continue reading LES HACKERS ATTIRENT L&rsquo;ATTENTION SUR LES SERVEURS MICROSOFT EXCHANGE VULN\u00c9RABLES","og_url":"https:\/\/fr.koddos.net\/blog\/les-hackers-attirent-lattention-sur-les-serveurs-microsoft-exchange-vulnerables\/","og_site_name":"Blog KoDDoS","article_publisher":"https:\/\/www.facebook.com\/koddosCom","article_published_time":"2021-08-14T07:35:00+00:00","article_modified_time":"2021-08-16T07:55:37+00:00","og_image":[{"width":880,"height":543,"url":"https:\/\/i1.wp.com\/fr.koddos.net\/blog\/wp-content\/uploads\/2019\/06\/Microsoft-Warns-Users-Not-to-Enable-Macros-or-They-Could-Be-Hit-by-Malware.jpg?fit=880%2C543&ssl=1","type":"image\/jpeg"}],"author":"KoDDoS","twitter_card":"summary_large_image","twitter_creator":"@koddoscom","twitter_site":"@koddoscom","twitter_misc":{"\u00c9crit par":"KoDDoS","Dur\u00e9e de lecture estim\u00e9e":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/fr.koddos.net\/blog\/les-hackers-attirent-lattention-sur-les-serveurs-microsoft-exchange-vulnerables\/#article","isPartOf":{"@id":"https:\/\/fr.koddos.net\/blog\/les-hackers-attirent-lattention-sur-les-serveurs-microsoft-exchange-vulnerables\/"},"author":{"name":"KoDDoS","@id":"https:\/\/fr.koddos.net\/blog\/#\/schema\/person\/d22f7fb31dc4d117c9eb5c9cfe533f85"},"headline":"LES HACKERS ATTIRENT L&rsquo;ATTENTION SUR LES SERVEURS MICROSOFT EXCHANGE VULN\u00c9RABLES","datePublished":"2021-08-14T07:35:00+00:00","dateModified":"2021-08-16T07:55:37+00:00","mainEntityOfPage":{"@id":"https:\/\/fr.koddos.net\/blog\/les-hackers-attirent-lattention-sur-les-serveurs-microsoft-exchange-vulnerables\/"},"wordCount":927,"publisher":{"@id":"https:\/\/fr.koddos.net\/blog\/#organization"},"image":{"@id":"https:\/\/fr.koddos.net\/blog\/les-hackers-attirent-lattention-sur-les-serveurs-microsoft-exchange-vulnerables\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/fr.koddos.net\/blog\/wp-content\/uploads\/2019\/06\/Microsoft-Warns-Users-Not-to-Enable-Macros-or-They-Could-Be-Hit-by-Malware.jpg?fit=880%2C543&ssl=1","articleSection":["Actualit\u00e9s"],"inLanguage":"fr-FR"},{"@type":"WebPage","@id":"https:\/\/fr.koddos.net\/blog\/les-hackers-attirent-lattention-sur-les-serveurs-microsoft-exchange-vulnerables\/","url":"https:\/\/fr.koddos.net\/blog\/les-hackers-attirent-lattention-sur-les-serveurs-microsoft-exchange-vulnerables\/","name":"LES HACKERS ATTIRENT L'ATTENTION SUR LES SERVEURS MICROSOFT EXCHANGE VULN\u00c9RABLES - Blog KoDDoS","isPartOf":{"@id":"https:\/\/fr.koddos.net\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/fr.koddos.net\/blog\/les-hackers-attirent-lattention-sur-les-serveurs-microsoft-exchange-vulnerables\/#primaryimage"},"image":{"@id":"https:\/\/fr.koddos.net\/blog\/les-hackers-attirent-lattention-sur-les-serveurs-microsoft-exchange-vulnerables\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/fr.koddos.net\/blog\/wp-content\/uploads\/2019\/06\/Microsoft-Warns-Users-Not-to-Enable-Macros-or-They-Could-Be-Hit-by-Malware.jpg?fit=880%2C543&ssl=1","datePublished":"2021-08-14T07:35:00+00:00","dateModified":"2021-08-16T07:55:37+00:00","breadcrumb":{"@id":"https:\/\/fr.koddos.net\/blog\/les-hackers-attirent-lattention-sur-les-serveurs-microsoft-exchange-vulnerables\/#breadcrumb"},"inLanguage":"fr-FR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/fr.koddos.net\/blog\/les-hackers-attirent-lattention-sur-les-serveurs-microsoft-exchange-vulnerables\/"]}]},{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/fr.koddos.net\/blog\/les-hackers-attirent-lattention-sur-les-serveurs-microsoft-exchange-vulnerables\/#primaryimage","url":"https:\/\/i0.wp.com\/fr.koddos.net\/blog\/wp-content\/uploads\/2019\/06\/Microsoft-Warns-Users-Not-to-Enable-Macros-or-They-Could-Be-Hit-by-Malware.jpg?fit=880%2C543&ssl=1","contentUrl":"https:\/\/i0.wp.com\/fr.koddos.net\/blog\/wp-content\/uploads\/2019\/06\/Microsoft-Warns-Users-Not-to-Enable-Macros-or-They-Could-Be-Hit-by-Malware.jpg?fit=880%2C543&ssl=1","width":880,"height":543},{"@type":"BreadcrumbList","@id":"https:\/\/fr.koddos.net\/blog\/les-hackers-attirent-lattention-sur-les-serveurs-microsoft-exchange-vulnerables\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Accueil","item":"https:\/\/fr.koddos.net\/blog\/"},{"@type":"ListItem","position":2,"name":"LES HACKERS ATTIRENT L&rsquo;ATTENTION SUR LES SERVEURS MICROSOFT EXCHANGE VULN\u00c9RABLES"}]},{"@type":"WebSite","@id":"https:\/\/fr.koddos.net\/blog\/#website","url":"https:\/\/fr.koddos.net\/blog\/","name":"Blog KoDDoS","description":"Blog KoDDoS est un blog d\u2019information et d\u2019actualit\u00e9 focalis\u00e9 sur le hacking, la cyber criminalit\u00e9, la vie priv\u00e9e et la surveillance.","publisher":{"@id":"https:\/\/fr.koddos.net\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/fr.koddos.net\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"fr-FR"},{"@type":"Organization","@id":"https:\/\/fr.koddos.net\/blog\/#organization","name":"KoDDoS","url":"https:\/\/fr.koddos.net\/blog\/","logo":{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/fr.koddos.net\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/i1.wp.com\/fr.koddos.net\/blog\/wp-content\/uploads\/2018\/02\/logo.png?fit=258%2C55&ssl=1","contentUrl":"https:\/\/i1.wp.com\/fr.koddos.net\/blog\/wp-content\/uploads\/2018\/02\/logo.png?fit=258%2C55&ssl=1","width":258,"height":55,"caption":"KoDDoS"},"image":{"@id":"https:\/\/fr.koddos.net\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/koddosCom","https:\/\/x.com\/koddoscom"]},{"@type":"Person","@id":"https:\/\/fr.koddos.net\/blog\/#\/schema\/person\/d22f7fb31dc4d117c9eb5c9cfe533f85","name":"KoDDoS","image":{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/secure.gravatar.com\/avatar\/239872ddb935e40a5bf46e7421e0fdd8419ae8e91164a61d84219911f7648c73?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/239872ddb935e40a5bf46e7421e0fdd8419ae8e91164a61d84219911f7648c73?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/239872ddb935e40a5bf46e7421e0fdd8419ae8e91164a61d84219911f7648c73?s=96&d=mm&r=g","caption":"KoDDoS"},"url":"https:\/\/fr.koddos.net\/blog\/author\/oiyndjepop\/"}]}},"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/fr.koddos.net\/blog\/wp-content\/uploads\/2019\/06\/Microsoft-Warns-Users-Not-to-Enable-Macros-or-They-Could-Be-Hit-by-Malware.jpg?fit=880%2C543&ssl=1","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p9DjzA-Uw","jetpack_likes_enabled":true,"_links":{"self":[{"href":"https:\/\/fr.koddos.net\/blog\/wp-json\/wp\/v2\/posts\/3504","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/fr.koddos.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/fr.koddos.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/fr.koddos.net\/blog\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/fr.koddos.net\/blog\/wp-json\/wp\/v2\/comments?post=3504"}],"version-history":[{"count":2,"href":"https:\/\/fr.koddos.net\/blog\/wp-json\/wp\/v2\/posts\/3504\/revisions"}],"predecessor-version":[{"id":3506,"href":"https:\/\/fr.koddos.net\/blog\/wp-json\/wp\/v2\/posts\/3504\/revisions\/3506"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/fr.koddos.net\/blog\/wp-json\/wp\/v2\/media\/937"}],"wp:attachment":[{"href":"https:\/\/fr.koddos.net\/blog\/wp-json\/wp\/v2\/media?parent=3504"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/fr.koddos.net\/blog\/wp-json\/wp\/v2\/categories?post=3504"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/fr.koddos.net\/blog\/wp-json\/wp\/v2\/tags?post=3504"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}