UNC2596 Deploys Cuba Ransomware via Microsoft Exchange Server Vulnerabilities
According to Mandiant, UNC2596 has been launching such campaigns since August 2021. It has targeted utility providers, government agencies, and organizations that support non-profits and healthcare entities.
