Hackers Spied on Exchange Executive’s Outlook Mail for Six Months via Cloud Services

Colleagues — a cybersecurity alert: attackers had access for at least five months to the Outlook mail of a senior executive at a major exchange.
Symantec and Carbon Black detail how mail was exported in small PST batches and exfiltrated via Dropbox and OneDrive to disguise traffic. Operators executed binaries as SYSTEM, spoofed updates, and used the Aspose library to parse OST/PST files.
This is unequivocal espionage: exposure of non‑public listings, trades, calendar entries and contacts. This risk cannot be closed with a patch — it requires continuous monitoring and rapid incident response.
Have you inspected your systems for unusual export activity, personal-cloud uploads and credential dumps?
#cybersecurity #incident #cloudsecurity #SOC


Latest comments
No comments yet.