Epsilon Red – our research reveals more than 3.5 thousand servers are still vulnerable

From securityaffairs.co

Chart showing numbers on vulnerable zerologon servers in different countries

Several weeks later, security researchers from Sophos have discovered a new ransomware variant known as Epsilon Red. Now, we know exactly how it was carried out – and what you should do to be safe from it.

Seemingly, a variant of the ransomwareEpsilon Red, relies on vulnerable Microsoft Exchange servers. Threat actors use them to launch mass server exploitation campaigns and try to expose companies’ information for revenue.

It works: one of the victims has already paid over $200,000 in Bitcoin, setting a dangerous precedent of companies giving into the demands of cyber criminals to prevent a possible data leak and damage to their reputation and loss of operations due to crippled IT services after important file encryption.

Read more…