Analyzing the APT34’s Jason project
Security Affairs
JUNE 6, 2019
By using the EWS Managed API, the developer can access almost all the information stored in an Office 365, Exchange Online, or Exchange Server mailbox. The attacker used an old version of Microsoft.Exchange.WebService.dll tagged as 15.0.0.0 which according to Microsoft documentation dates back to 2012.
Let's personalize your content