Threat actors have once again started scanning for the now-patched vulnerabilities in Microsoft Exchange, cybersecurity experts shared at the recent Black Hat 2021 conference.
The attack was revealed by security researcher Kevin Beaumont, who tweeted that a threat actor was probing his Microsoft Exchange honeypot against the server’s Autodiscover service.
While these initial attempts were unsuccessful, Beaumont later noticed that the attacker modified their attack strategy in accordance with new details shared during a Black Hat presentation by Devcore’s principal security researcher Orange Tsai.