New PowerExchange Backdoor Used in Iranian Cyber Attack on UAE Government

An unnamed government entity associated with the United Arab Emirates (U.A.E.) was targeted by a likely Iranian threat actor to breach the victim's Microsoft Exchange Server with a "simple yet effective" backdoor dubbed PowerExchange.
According to a new report from Fortinet FortiGuard Labs, the intrusion relied on email phishing as an initial access pathway, leading to the execution of a .NET

actor attack backdoor breach cyber email email phishing emirates exchange exchange server fortinet fortinet fortiguard labs government intrusion iranian labs microsoft microsoft exchange microsoft exchange server phishing report server simple threat threat actor uae united united arab emirates victim