Not that this real news to anyone paying attention to tech but it is not just about the hack. The real point here is there are far to many servers out there that cannot be patched because they are too old. Unfortunately many organizations look on IT infrastructure as a buy and forget proposition. Until something crashes they do not see the value in investing additional resources for maintenance and will not replace the hardware until it goes belly up. This short-sighted approach only allow hacks like this one to have a greater impact than it would with appropriate hardware and OS refresh cycles, proper maintenance and of course end point security.

Adversaries are deploying DearCry ransomware on victim systems after hacking into on-premise Microsoft Exchange servers that remain unpatched, Microsoft acknowledged late Thursday.

“Microsoft observed a new family of human operated ransomware attack customers,” Microsoft Security Program Manager Phillip Misner tweeted at 9:19 p.m. ET Thursday. “Human operated ransomware attacks are utilizing the Microsoft Exchange vulnerabilities to exploit customers.”

Misner’s tweet came less than two hours after BleepingComputer reported that threat actors were taking advantage of new zero-day ProxyLogin vulnerabilities in Microsoft Exchange servers to install the DearCry ransomware. Microsoft Defender customers who receive automatic updates are now protected against this ransomware without having to take any action, according to Microsoft Security Intelligence.

“We have detected and are now blocking a new family of ransomware being used after an initial compromise of unpatched on-premises Exchange Servers,” Microsoft Security Intelligence tweeted to 11:53 p.m. ET Thursday. “Microsoft protects against this threat known as … DearCry.” Read On: