ProxyLogon Vulnerability: Civil Society Watch Out!

CyberPeace Institute

Are you working in a Civil Society Organization? You could be under attack without knowing it.

There’s a recent vulnerability currently exploited by cybercriminals that is affecting on-premise Microsoft Exchange servers.

Through this vulnerability, criminals can access sensitive information you’ve exchanged by email with anyone, inside or outside your organization. Criminals have also started using this vulnerability to encrypt systems, asking for a ransom to decrypt them.

This vulnerability goes by the name of ProxyLogon and the criminal group that has been reported to be behind the exploit is dubbed Hafnium. BlackKingdom and the group behind DearCry are among the first ransomware groups that have been monetizing this vulnerability.

If you haven’t heard about any of these names, we suggest you give a quick call to your IT colleague and ask:

Are we using Microsoft Exchange as an e-mail server?
Is our server on-premise?

If the answer to both questions is yes, Microsoft released a tool allowing your IT colleague to check and secure your email server. It’s quite simple and it’s available here.

Has your organization been impacted? Contact us, we want to talk to you!


    Do you need assistance?  Contact us, our team can help you!

    Stay safe!

    © Copyright 2023: The concepts and information contained in this document are the property of the CyberPeace Institute, an independent non-governmental organization headquartered in Geneva, unless indicated otherwise from time to time throughout the document. This document may be reproduced, in whole or in part, provided that the CyberPeace Institute is referenced as author and copyright holder.


    Support the CyberPeace Institute

    Individual lives can be changed dramatically by the acts of cyber criminals. We need your support to assist victims of cyberattacks in the NGO, humanitarian and healthcare sectors.


    Subscribe to our newsletter

    Receive monthly news on what’s happening at the Institute: our impact, publications, events and important milestones.