A new email phishing campaign has been discovered that employs the strategy of conversation hijacking to distribute the IcedID information-stealing malware onto targeted devices via unpatched and publicly-exposed Microsoft Exchange servers.
The most recent round of assaults, discovered in mid-March 2022, is reported to have targeted businesses in the energy, healthcare, legal, and pharmaceutical industries.
[Read More…](https://www.zdnet.com/article/Hackers Hijack Email Reply Chains on Unpatched Exchange Servers to Spread Malware/?&web_view=true)