5 min
News
Rapid7’s InsightIDR Enables Detection And Response to Microsoft Exchange Zero-Day
Starting February 27, 2021, Rapid7 has observed a notable increase in the
exploitation of Microsoft Exchange through existing detections in InsightIDR
[https://www.rapid7.com/products/insightidr/]’s Attacker Behavior Analytics
(ABA). The Managed Detection and Response (MDR) identified multiple, related
compromises in the past 72 hours. In most cases, the attacker is uploading an
“eval” webshell, commonly referred to as a “chopper” or “China chopper”. With
this foothold, the attacker would then