{"id":2163,"date":"2021-03-22T15:05:30","date_gmt":"2021-03-22T14:05:30","guid":{"rendered":"https:\/\/www.apvnorge.no\/?p=2163"},"modified":"2021-03-22T15:05:32","modified_gmt":"2021-03-22T14:05:32","slug":"microsoft-exchange-servers-now-targeted-by-blackkingdom-ransomware","status":"publish","type":"post","link":"https:\/\/www.apvnorge.no\/cz\/microsoft-exchange-servers-now-targeted-by-blackkingdom-ransomware\/","title":{"rendered":"Microsoft Exchange servers now targeted by BlackKingdom ransomware"},"content":{"rendered":"<div id=\"apvno-3472515621\" class=\"apvno-before-content apvno-entity-placement\"><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-7003427967427457\" crossorigin=\"anonymous\"><\/script><ins class=\"adsbygoogle\" style=\"display:inline-block;width:970px;height:250px;\" \ndata-ad-client=\"ca-pub-7003427967427457\" \ndata-ad-slot=\"6272152047\"><\/ins> \n<script> \n(adsbygoogle = window.adsbygoogle || []).push({}); \n<\/script>\n<\/div>\n<hr class=\"wp-block-separator\"\/>\n\n\n\n<p class=\"has-text-align-justify has-black-color has-cyan-bluish-gray-background-color has-text-color has-background wp-block-paragraph\">Another ransomware operation known as &#8216;BlackKingdom&#8217; is exploiting the Microsoft Exchange Server ProxyLogon vulnerabilities\u00a0to encrypt servers. Over the weekend, security researcher Marcus Hutchins, aka MalwareTechBlog,\u00a0<a rel=\"noreferrer noopener\" href=\"https:\/\/twitter.com\/MalwareTechBlog\/status\/1373634465340264451\" target=\"_blank\">tweeted<\/a>\u00a0that a threat actor was compromising Microsoft Exchange servers via the\u00a0<a rel=\"noreferrer noopener\" href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/microsoft-fixes-actively-exploited-exchange-zero-day-bugs-patch-now\/\" target=\"_blank\">ProxyLogon vulnerabilities<\/a>\u00a0to deploy ansomware. Based on the logs from his honeypots,\u00a0Hutchins states that the threat actor used the vulnerability to execute a PowerShell script that downloads the ransomware executable from &#8216;yuuuuu44[.]com&#8217;\u00a0and then pushes it out to other computers on the network. Honeypots are devices with known vulnerabilities exposed on the Internet to lure attackers and monitor their activities. Hutchins&#8217; honeypots, though, did not appear to become encrypted, and the attack he witnessed was believed to be a failed campaign.<\/p>\n\n\n\n<p class=\"has-black-color has-pale-cyan-blue-background-color has-text-color has-background wp-block-paragraph\"><strong><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/microsoft-exchange-servers-now-targeted-by-blackkingdom-ransomware\/\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/www.bleepingcomputer.com\/news\/security\/microsoft-exchange-servers-now-targeted-by-blackkingdom-ransomware\/<\/a><\/strong><\/p>\n<div id=\"apvno-804981659\" class=\"apvno-after apvno-entity-placement\"><script>\r\n_adsys_id = 33949;\r\n_adsys_size = 1;\r\n<\/script>\r\n<script src=\"https:\/\/d.wedosas.net\/d.js\"><\/script>    \r\n<\/br>\r\n<div>\r\n<script async src=\"https:\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js\"><\/script>\r\n<!-- AD-4 -->\r\n<ins class=\"adsbygoogle\"\r\n     style=\"display:inline-block;width:970px;height:250px\"\r\n     data-ad-client=\"ca-pub-7003427967427457\"\r\n     data-ad-slot=\"6272152047\"><\/ins>\r\n<script>\r\n     (adsbygoogle = window.adsbygoogle || []).push({});\r\n<\/script><\/div>\r\n<a href=\"https:\/\/affiliates.ssl.com\/820-3-1-13.html\" target=\"_blank\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" style=\"border:0px\" src=\"https:\/\/i0.wp.com\/affiliates.ssl.com\/media\/banners\/SSL-banner-UC-certificate-2-v5.png?resize=640%2C79&#038;ssl=1\" width=\"640\" height=\"79\" alt=\"Microsoft Exchange SAN UCC SSL\"><\/a><\/div>","protected":false},"excerpt":{"rendered":"<p>Another ransomware operation known as &#8216;BlackKingdom&#8217; is exploiting the Microsoft Exchange Server ProxyLogon vulnerabilities\u00a0to encrypt servers. Over the weekend, security researcher Marcus Hutchins, aka MalwareTechBlog,\u00a0tweeted\u00a0that a threat actor was compromising Microsoft Exchange servers via the\u00a0ProxyLogon vulnerabilities\u00a0to deploy ansomware. Based on the logs from his honeypots,\u00a0Hutchins states that the threat actor used the vulnerability to execute [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":2124,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_exactmetrics_skip_tracking":false,"_exactmetrics_sitenote_active":false,"_exactmetrics_sitenote_note":"","_exactmetrics_sitenote_category":0,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_uf_show_specific_survey":0,"_uf_disable_surveys":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_feature_clip_id":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"jetpack_post_was_ever_published":false},"categories":[44,7],"tags":[],"class_list":["post-2163","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-hackers","category-ms-windows"],"translation":{"provider":"WPGlobus","version":"3.0.2","language":"cz","enabled_languages":["en","no","cz"],"languages":{"en":{"title":true,"content":true,"excerpt":false},"no":{"title":false,"content":false,"excerpt":false},"cz":{"title":false,"content":false,"excerpt":false}}},"aioseo_notices":[],"aioseo_head":"\n\t\t<!-- All in One SEO 4.9.8 - aioseo.com -->\n\t<meta name=\"description\" content=\"Another ransomware operation known as &#039;BlackKingdom&#039; is exploiting the Microsoft Exchange Server ProxyLogon vulnerabilities to encrypt servers. Over the weekend, security researcher Marcus Hutchins, aka MalwareTechBlog, tweeted that a threat actor was compromising Microsoft Exchange servers via the ProxyLogon vulnerabilities to deploy ansomware. Based on the logs from his honeypots, Hutchins states that the threat actor used the vulnerability to execute\" \/>\n\t<meta name=\"robots\" content=\"max-image-preview:large\" \/>\n\t<meta name=\"author\" content=\"vklocurek\"\/>\n\t<meta name=\"google-site-verification\" content=\"TrS3Ce4SzthGp870C1FeMCHMy8m2nPpzG2NfPcdfJi0\" \/>\n\t<link rel=\"canonical\" href=\"https:\/\/www.apvnorge.no\/cz\/microsoft-exchange-servers-now-targeted-by-blackkingdom-ransomware\/\" \/>\n\t<meta name=\"generator\" content=\"All in One SEO (AIOSEO) 4.9.8\" \/>\n\t\t<meta property=\"og:locale\" content=\"cs_CZ\" \/>\n\t\t<meta property=\"og:site_name\" content=\"Et teknologiselskap - Dedisert til alle som ikke lenger kan reise til det vakre landet med oss.\" \/>\n\t\t<meta property=\"og:type\" content=\"article\" \/>\n\t\t<meta property=\"og:title\" content=\"Microsoft Exchange servers now targeted by BlackKingdom ransomware - Et teknologiselskap\" \/>\n\t\t<meta property=\"og:description\" content=\"Another ransomware operation known as &#039;BlackKingdom&#039; is exploiting the Microsoft Exchange Server ProxyLogon vulnerabilities to encrypt servers. Over the weekend, security researcher Marcus Hutchins, aka MalwareTechBlog, tweeted that a threat actor was compromising Microsoft Exchange servers via the ProxyLogon vulnerabilities to deploy ansomware. Based on the logs from his honeypots, Hutchins states that the threat actor used the vulnerability to execute\" \/>\n\t\t<meta property=\"og:url\" content=\"https:\/\/www.apvnorge.no\/cz\/microsoft-exchange-servers-now-targeted-by-blackkingdom-ransomware\/\" \/>\n\t\t<meta property=\"og:image\" content=\"https:\/\/i0.wp.com\/www.apvnorge.no\/wp-content\/uploads\/2018\/05\/APV.gif?fit=23081&#038;ssl=1\" \/>\n\t\t<meta property=\"og:image:secure_url\" content=\"https:\/\/i0.wp.com\/www.apvnorge.no\/wp-content\/uploads\/2018\/05\/APV.gif?fit=23081&#038;ssl=1\" \/>\n\t\t<meta property=\"article:published_time\" content=\"2021-03-22T14:05:30+00:00\" \/>\n\t\t<meta property=\"article:modified_time\" content=\"2021-03-22T14:05:32+00:00\" \/>\n\t\t<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/profile.php?id=100064041250396\" \/>\n\t\t<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n\t\t<meta name=\"twitter:title\" content=\"Microsoft Exchange servers now targeted by BlackKingdom ransomware - Et teknologiselskap\" \/>\n\t\t<meta name=\"twitter:description\" content=\"Another ransomware operation known as &#039;BlackKingdom&#039; is exploiting the Microsoft Exchange Server ProxyLogon vulnerabilities to encrypt servers. Over the weekend, security researcher Marcus Hutchins, aka MalwareTechBlog, tweeted that a threat actor was compromising Microsoft Exchange servers via the ProxyLogon vulnerabilities to deploy ansomware. Based on the logs from his honeypots, Hutchins states that the threat actor used the vulnerability to execute\" \/>\n\t\t<meta name=\"twitter:image\" content=\"https:\/\/i0.wp.com\/www.apvnorge.no\/wp-content\/uploads\/2018\/05\/APV.gif?fit=23081&amp;ssl=1\" \/>\n\t\t<script type=\"application\/ld+json\" class=\"aioseo-schema\">\n\t\t\t{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"BlogPosting\",\"@id\":\"https:\\\/\\\/www.apvnorge.no\\\/cz\\\/microsoft-exchange-servers-now-targeted-by-blackkingdom-ransomware\\\/#blogposting\",\"name\":\"Microsoft Exchange servers now targeted by BlackKingdom ransomware - Et teknologiselskap\",\"headline\":\"Microsoft Exchange servers now targeted by BlackKingdom ransomware\",\"author\":{\"@id\":\"https:\\\/\\\/www.apvnorge.no\\\/cz\\\/author\\\/vklocurek\\\/#author\"},\"publisher\":{\"@id\":\"https:\\\/\\\/www.apvnorge.no\\\/cz\\\/#organization\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/www.apvnorge.no\\\/wp-content\\\/uploads\\\/2021\\\/02\\\/images.jpg?fit=275%2C183&ssl=1\",\"width\":275,\"height\":183},\"datePublished\":\"2021-03-22T15:05:30+01:00\",\"dateModified\":\"2021-03-22T15:05:32+01:00\",\"inLanguage\":\"cs-CZ\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.apvnorge.no\\\/cz\\\/microsoft-exchange-servers-now-targeted-by-blackkingdom-ransomware\\\/#webpage\"},\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.apvnorge.no\\\/cz\\\/microsoft-exchange-servers-now-targeted-by-blackkingdom-ransomware\\\/#webpage\"},\"articleSection\":\"Hackers, MS Windows\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.apvnorge.no\\\/cz\\\/microsoft-exchange-servers-now-targeted-by-blackkingdom-ransomware\\\/#breadcrumblist\",\"itemListElement\":[{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/www.apvnorge.no\\\/cz#listItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.apvnorge.no\\\/cz\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/www.apvnorge.no\\\/cz\\\/category\\\/ms-windows\\\/#listItem\",\"name\":\"MS Windows\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/www.apvnorge.no\\\/cz\\\/category\\\/ms-windows\\\/#listItem\",\"position\":2,\"name\":\"MS Windows\",\"item\":\"https:\\\/\\\/www.apvnorge.no\\\/cz\\\/category\\\/ms-windows\\\/\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/www.apvnorge.no\\\/cz\\\/microsoft-exchange-servers-now-targeted-by-blackkingdom-ransomware\\\/#listItem\",\"name\":\"Microsoft Exchange servers now targeted by BlackKingdom ransomware\"},\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/www.apvnorge.no\\\/cz#listItem\",\"name\":\"Home\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/www.apvnorge.no\\\/cz\\\/microsoft-exchange-servers-now-targeted-by-blackkingdom-ransomware\\\/#listItem\",\"position\":3,\"name\":\"Microsoft Exchange servers now targeted by BlackKingdom ransomware\",\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/www.apvnorge.no\\\/cz\\\/category\\\/ms-windows\\\/#listItem\",\"name\":\"MS Windows\"}}]},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.apvnorge.no\\\/cz\\\/#organization\",\"name\":\"{:en}Et teknologiselskap{:}{:gb}Et teknologiselskap{:}\",\"description\":\"Dedisert til alle som ikke lenger kan reise til det vakre landet med oss.\",\"url\":\"https:\\\/\\\/www.apvnorge.no\\\/cz\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/www.apvnorge.no\\\/wp-content\\\/uploads\\\/2018\\\/05\\\/APV.gif?fit=230%2C81&ssl=1\",\"@id\":\"https:\\\/\\\/www.apvnorge.no\\\/cz\\\/microsoft-exchange-servers-now-targeted-by-blackkingdom-ransomware\\\/#organizationLogo\",\"width\":230,\"height\":81},\"image\":{\"@id\":\"https:\\\/\\\/www.apvnorge.no\\\/cz\\\/microsoft-exchange-servers-now-targeted-by-blackkingdom-ransomware\\\/#organizationLogo\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/profile.php?id=100064041250396\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.apvnorge.no\\\/cz\\\/author\\\/vklocurek\\\/#author\",\"url\":\"https:\\\/\\\/www.apvnorge.no\\\/cz\\\/author\\\/vklocurek\\\/\",\"name\":\"vklocurek\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\\\/\\\/www.apvnorge.no\\\/cz\\\/microsoft-exchange-servers-now-targeted-by-blackkingdom-ransomware\\\/#authorImage\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/2375d97e1232a252467ba685952ffd8523dec8c328b90b3b7462af20166b2af5?s=96&r=g\",\"width\":96,\"height\":96,\"caption\":\"vklocurek\"}},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.apvnorge.no\\\/cz\\\/microsoft-exchange-servers-now-targeted-by-blackkingdom-ransomware\\\/#webpage\",\"url\":\"https:\\\/\\\/www.apvnorge.no\\\/cz\\\/microsoft-exchange-servers-now-targeted-by-blackkingdom-ransomware\\\/\",\"name\":\"Microsoft Exchange servers now targeted by BlackKingdom ransomware - Et teknologiselskap\",\"description\":\"Another ransomware operation known as 'BlackKingdom' is exploiting the Microsoft Exchange Server ProxyLogon vulnerabilities to encrypt servers. Over the weekend, security researcher Marcus Hutchins, aka MalwareTechBlog, tweeted that a threat actor was compromising Microsoft Exchange servers via the ProxyLogon vulnerabilities to deploy ansomware. Based on the logs from his honeypots, Hutchins states that the threat actor used the vulnerability to execute\",\"inLanguage\":\"cs-CZ\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.apvnorge.no\\\/cz\\\/#website\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.apvnorge.no\\\/cz\\\/microsoft-exchange-servers-now-targeted-by-blackkingdom-ransomware\\\/#breadcrumblist\"},\"author\":{\"@id\":\"https:\\\/\\\/www.apvnorge.no\\\/cz\\\/author\\\/vklocurek\\\/#author\"},\"creator\":{\"@id\":\"https:\\\/\\\/www.apvnorge.no\\\/cz\\\/author\\\/vklocurek\\\/#author\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/www.apvnorge.no\\\/wp-content\\\/uploads\\\/2021\\\/02\\\/images.jpg?fit=275%2C183&ssl=1\",\"@id\":\"https:\\\/\\\/www.apvnorge.no\\\/cz\\\/microsoft-exchange-servers-now-targeted-by-blackkingdom-ransomware\\\/#mainImage\",\"width\":275,\"height\":183},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.apvnorge.no\\\/cz\\\/microsoft-exchange-servers-now-targeted-by-blackkingdom-ransomware\\\/#mainImage\"},\"datePublished\":\"2021-03-22T15:05:30+01:00\",\"dateModified\":\"2021-03-22T15:05:32+01:00\"},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.apvnorge.no\\\/cz\\\/#website\",\"url\":\"https:\\\/\\\/www.apvnorge.no\\\/cz\\\/\",\"name\":\"{:en}Et teknologiselskap{:}{:gb}Et teknologiselskap{:}\",\"description\":\"Dedisert til alle som ikke lenger kan reise til det vakre landet med oss.\",\"inLanguage\":\"cs-CZ\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.apvnorge.no\\\/cz\\\/#organization\"}}]}\n\t\t<\/script>\n\t\t<!-- All in One SEO -->\n\n","aioseo_head_json":{"title":"Microsoft Exchange servers now targeted by BlackKingdom ransomware - Et teknologiselskap","description":"Another ransomware operation known as 'BlackKingdom' is exploiting the Microsoft Exchange Server ProxyLogon vulnerabilities to encrypt servers. Over the weekend, security researcher Marcus Hutchins, aka MalwareTechBlog, tweeted that a threat actor was compromising Microsoft Exchange servers via the ProxyLogon vulnerabilities to deploy ansomware. Based on the logs from his honeypots, Hutchins states that the threat actor used the vulnerability to execute","canonical_url":"https:\/\/www.apvnorge.no\/cz\/microsoft-exchange-servers-now-targeted-by-blackkingdom-ransomware\/","robots":"max-image-preview:large","keywords":"","webmasterTools":{"google-site-verification":"TrS3Ce4SzthGp870C1FeMCHMy8m2nPpzG2NfPcdfJi0","miscellaneous":""},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"BlogPosting","@id":"https:\/\/www.apvnorge.no\/cz\/microsoft-exchange-servers-now-targeted-by-blackkingdom-ransomware\/#blogposting","name":"Microsoft Exchange servers now targeted by BlackKingdom ransomware - Et teknologiselskap","headline":"Microsoft Exchange servers now targeted by BlackKingdom ransomware","author":{"@id":"https:\/\/www.apvnorge.no\/cz\/author\/vklocurek\/#author"},"publisher":{"@id":"https:\/\/www.apvnorge.no\/cz\/#organization"},"image":{"@type":"ImageObject","url":"https:\/\/i0.wp.com\/www.apvnorge.no\/wp-content\/uploads\/2021\/02\/images.jpg?fit=275%2C183&ssl=1","width":275,"height":183},"datePublished":"2021-03-22T15:05:30+01:00","dateModified":"2021-03-22T15:05:32+01:00","inLanguage":"cs-CZ","mainEntityOfPage":{"@id":"https:\/\/www.apvnorge.no\/cz\/microsoft-exchange-servers-now-targeted-by-blackkingdom-ransomware\/#webpage"},"isPartOf":{"@id":"https:\/\/www.apvnorge.no\/cz\/microsoft-exchange-servers-now-targeted-by-blackkingdom-ransomware\/#webpage"},"articleSection":"Hackers, MS Windows"},{"@type":"BreadcrumbList","@id":"https:\/\/www.apvnorge.no\/cz\/microsoft-exchange-servers-now-targeted-by-blackkingdom-ransomware\/#breadcrumblist","itemListElement":[{"@type":"ListItem","@id":"https:\/\/www.apvnorge.no\/cz#listItem","position":1,"name":"Home","item":"https:\/\/www.apvnorge.no\/cz","nextItem":{"@type":"ListItem","@id":"https:\/\/www.apvnorge.no\/cz\/category\/ms-windows\/#listItem","name":"MS Windows"}},{"@type":"ListItem","@id":"https:\/\/www.apvnorge.no\/cz\/category\/ms-windows\/#listItem","position":2,"name":"MS Windows","item":"https:\/\/www.apvnorge.no\/cz\/category\/ms-windows\/","nextItem":{"@type":"ListItem","@id":"https:\/\/www.apvnorge.no\/cz\/microsoft-exchange-servers-now-targeted-by-blackkingdom-ransomware\/#listItem","name":"Microsoft Exchange servers now targeted by BlackKingdom ransomware"},"previousItem":{"@type":"ListItem","@id":"https:\/\/www.apvnorge.no\/cz#listItem","name":"Home"}},{"@type":"ListItem","@id":"https:\/\/www.apvnorge.no\/cz\/microsoft-exchange-servers-now-targeted-by-blackkingdom-ransomware\/#listItem","position":3,"name":"Microsoft Exchange servers now targeted by BlackKingdom ransomware","previousItem":{"@type":"ListItem","@id":"https:\/\/www.apvnorge.no\/cz\/category\/ms-windows\/#listItem","name":"MS Windows"}}]},{"@type":"Organization","@id":"https:\/\/www.apvnorge.no\/cz\/#organization","name":"{:en}Et teknologiselskap{:}{:gb}Et teknologiselskap{:}","description":"Dedisert til alle som ikke lenger kan reise til det vakre landet med oss.","url":"https:\/\/www.apvnorge.no\/cz\/","logo":{"@type":"ImageObject","url":"https:\/\/i0.wp.com\/www.apvnorge.no\/wp-content\/uploads\/2018\/05\/APV.gif?fit=230%2C81&ssl=1","@id":"https:\/\/www.apvnorge.no\/cz\/microsoft-exchange-servers-now-targeted-by-blackkingdom-ransomware\/#organizationLogo","width":230,"height":81},"image":{"@id":"https:\/\/www.apvnorge.no\/cz\/microsoft-exchange-servers-now-targeted-by-blackkingdom-ransomware\/#organizationLogo"},"sameAs":["https:\/\/www.facebook.com\/profile.php?id=100064041250396"]},{"@type":"Person","@id":"https:\/\/www.apvnorge.no\/cz\/author\/vklocurek\/#author","url":"https:\/\/www.apvnorge.no\/cz\/author\/vklocurek\/","name":"vklocurek","image":{"@type":"ImageObject","@id":"https:\/\/www.apvnorge.no\/cz\/microsoft-exchange-servers-now-targeted-by-blackkingdom-ransomware\/#authorImage","url":"https:\/\/secure.gravatar.com\/avatar\/2375d97e1232a252467ba685952ffd8523dec8c328b90b3b7462af20166b2af5?s=96&r=g","width":96,"height":96,"caption":"vklocurek"}},{"@type":"WebPage","@id":"https:\/\/www.apvnorge.no\/cz\/microsoft-exchange-servers-now-targeted-by-blackkingdom-ransomware\/#webpage","url":"https:\/\/www.apvnorge.no\/cz\/microsoft-exchange-servers-now-targeted-by-blackkingdom-ransomware\/","name":"Microsoft Exchange servers now targeted by BlackKingdom ransomware - Et teknologiselskap","description":"Another ransomware operation known as 'BlackKingdom' is exploiting the Microsoft Exchange Server ProxyLogon vulnerabilities to encrypt servers. Over the weekend, security researcher Marcus Hutchins, aka MalwareTechBlog, tweeted that a threat actor was compromising Microsoft Exchange servers via the ProxyLogon vulnerabilities to deploy ansomware. Based on the logs from his honeypots, Hutchins states that the threat actor used the vulnerability to execute","inLanguage":"cs-CZ","isPartOf":{"@id":"https:\/\/www.apvnorge.no\/cz\/#website"},"breadcrumb":{"@id":"https:\/\/www.apvnorge.no\/cz\/microsoft-exchange-servers-now-targeted-by-blackkingdom-ransomware\/#breadcrumblist"},"author":{"@id":"https:\/\/www.apvnorge.no\/cz\/author\/vklocurek\/#author"},"creator":{"@id":"https:\/\/www.apvnorge.no\/cz\/author\/vklocurek\/#author"},"image":{"@type":"ImageObject","url":"https:\/\/i0.wp.com\/www.apvnorge.no\/wp-content\/uploads\/2021\/02\/images.jpg?fit=275%2C183&ssl=1","@id":"https:\/\/www.apvnorge.no\/cz\/microsoft-exchange-servers-now-targeted-by-blackkingdom-ransomware\/#mainImage","width":275,"height":183},"primaryImageOfPage":{"@id":"https:\/\/www.apvnorge.no\/cz\/microsoft-exchange-servers-now-targeted-by-blackkingdom-ransomware\/#mainImage"},"datePublished":"2021-03-22T15:05:30+01:00","dateModified":"2021-03-22T15:05:32+01:00"},{"@type":"WebSite","@id":"https:\/\/www.apvnorge.no\/cz\/#website","url":"https:\/\/www.apvnorge.no\/cz\/","name":"{:en}Et teknologiselskap{:}{:gb}Et teknologiselskap{:}","description":"Dedisert til alle som ikke lenger kan reise til det vakre landet med oss.","inLanguage":"cs-CZ","publisher":{"@id":"https:\/\/www.apvnorge.no\/cz\/#organization"}}]},"og:locale":"cs_CZ","og:site_name":"Et teknologiselskap - Dedisert til alle som ikke lenger kan reise til det vakre landet med oss.","og:type":"article","og:title":"Microsoft Exchange servers now targeted by BlackKingdom ransomware - Et teknologiselskap","og:description":"Another ransomware operation known as 'BlackKingdom' is exploiting the Microsoft Exchange Server ProxyLogon vulnerabilities to encrypt servers. Over the weekend, security researcher Marcus Hutchins, aka MalwareTechBlog, tweeted that a threat actor was compromising Microsoft Exchange servers via the ProxyLogon vulnerabilities to deploy ansomware. Based on the logs from his honeypots, Hutchins states that the threat actor used the vulnerability to execute","og:url":"https:\/\/www.apvnorge.no\/cz\/microsoft-exchange-servers-now-targeted-by-blackkingdom-ransomware\/","og:image":"https:\/\/i0.wp.com\/www.apvnorge.no\/wp-content\/uploads\/2018\/05\/APV.gif?fit=23081&#038;ssl=1","og:image:secure_url":"https:\/\/i0.wp.com\/www.apvnorge.no\/wp-content\/uploads\/2018\/05\/APV.gif?fit=23081&#038;ssl=1","article:published_time":"2021-03-22T14:05:30+00:00","article:modified_time":"2021-03-22T14:05:32+00:00","article:publisher":"https:\/\/www.facebook.com\/profile.php?id=100064041250396","twitter:card":"summary_large_image","twitter:title":"Microsoft Exchange servers now targeted by BlackKingdom ransomware - Et teknologiselskap","twitter:description":"Another ransomware operation known as 'BlackKingdom' is exploiting the Microsoft Exchange Server ProxyLogon vulnerabilities to encrypt servers. Over the weekend, security researcher Marcus Hutchins, aka MalwareTechBlog, tweeted that a threat actor was compromising Microsoft Exchange servers via the ProxyLogon vulnerabilities to deploy ansomware. Based on the logs from his honeypots, Hutchins states that the threat actor used the vulnerability to execute","twitter:image":"https:\/\/i0.wp.com\/www.apvnorge.no\/wp-content\/uploads\/2018\/05\/APV.gif?fit=23081&ssl=1"},"aioseo_meta_data":{"post_id":"2163","title":null,"description":null,"keywords":null,"keyphrases":null,"primary_term":null,"canonical_url":null,"og_title":null,"og_description":null,"og_object_type":"default","og_image_type":"default","og_image_url":null,"og_image_width":null,"og_image_height":null,"og_image_custom_url":null,"og_image_custom_fields":null,"og_video":null,"og_custom_url":null,"og_article_section":null,"og_article_tags":null,"twitter_use_og":false,"twitter_card":"default","twitter_image_type":"default","twitter_image_url":null,"twitter_image_custom_url":null,"twitter_image_custom_fields":null,"twitter_title":null,"twitter_description":null,"schema":{"blockGraphs":[],"customGraphs":[],"default":{"data":{"Article":[],"Course":[],"Dataset":[],"FAQPage":[],"Movie":[],"Person":[],"Product":[],"ProductReview":[],"Car":[],"Recipe":[],"Service":[],"SoftwareApplication":[],"WebPage":[]},"graphName":"","isEnabled":true},"graphs":[]},"schema_type":"default","schema_type_options":null,"pillar_content":false,"robots_default":true,"robots_noindex":false,"robots_noarchive":false,"robots_nosnippet":false,"robots_nofollow":false,"robots_noimageindex":false,"robots_noodp":false,"robots_notranslate":false,"robots_max_snippet":null,"robots_max_videopreview":null,"robots_max_imagepreview":"large","priority":null,"frequency":null,"local_seo":null,"limit_modified_date":false,"created":"2024-03-07 17:05:34","updated":"2025-06-03 23:57:11"},"aioseo_breadcrumb":"<div class=\"aioseo-breadcrumbs\"><span class=\"aioseo-breadcrumb\">\n\t\t\t<a href=\"https:\/\/www.apvnorge.no\/cz\" title=\"Home\">Home<\/a>\n\t\t<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t\t\t<a href=\"https:\/\/www.apvnorge.no\/cz\/category\/ms-windows\/\" title=\"MS Windows\">MS Windows<\/a>\n\t\t<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t\t\tMicrosoft Exchange servers now targeted by BlackKingdom ransomware\n\t\t<\/span><\/div>","aioseo_breadcrumb_json":[{"label":"Home","link":"https:\/\/www.apvnorge.no\/cz"},{"label":"MS Windows","link":"https:\/\/www.apvnorge.no\/cz\/category\/ms-windows\/"},{"label":"Microsoft Exchange servers now targeted by BlackKingdom ransomware","link":"https:\/\/www.apvnorge.no\/cz\/microsoft-exchange-servers-now-targeted-by-blackkingdom-ransomware\/"}],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/www.apvnorge.no\/wp-content\/uploads\/2021\/02\/images.jpg?fit=275%2C183&ssl=1","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p9T0bk-yT","jetpack-related-posts":[],"jetpack_likes_enabled":true,"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/www.apvnorge.no\/cz\/wp-json\/wp\/v2\/posts\/2163","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.apvnorge.no\/cz\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.apvnorge.no\/cz\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.apvnorge.no\/cz\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.apvnorge.no\/cz\/wp-json\/wp\/v2\/comments?post=2163"}],"version-history":[{"count":1,"href":"https:\/\/www.apvnorge.no\/cz\/wp-json\/wp\/v2\/posts\/2163\/revisions"}],"predecessor-version":[{"id":2164,"href":"https:\/\/www.apvnorge.no\/cz\/wp-json\/wp\/v2\/posts\/2163\/revisions\/2164"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.apvnorge.no\/cz\/wp-json\/wp\/v2\/media\/2124"}],"wp:attachment":[{"href":"https:\/\/www.apvnorge.no\/cz\/wp-json\/wp\/v2\/media?parent=2163"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.apvnorge.no\/cz\/wp-json\/wp\/v2\/categories?post=2163"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.apvnorge.no\/cz\/wp-json\/wp\/v2\/tags?post=2163"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}