FIN7 hackers create auto-attack platform to breach Exchange servers
The notorious FIN7 hacking group uses an automated attack system that exploits Microsoft Exchange and SQL injection vulnerabilities to breach corporate networks, steal data, and select targets for ransomware attacks based on financial size. ... In a report shared with BleepingComputer before publication, Prodaft reveals details about FIN7's internal hierarchy, affiliations with various ransomware projects, and a new SSH backdoor system used for stealing files from compromised networks. CVEs: CVE-2021-34473, CVE-2021-34523, CVE-2021-31207 Malware: DarkSide, REvil, LockBit [View Article](https://www.bleepingcomputer.com/news/security/fin7-hackers-create-auto-attack-platform-to-breach-exchange-servers/)