Kevin Beaumont writes:
You have have read about the hack of the Electoral Commission recently. In this piece we take a look at what happened, show they were running Microsoft Exchange Server with Outlook Web App (OWA) facing the internet, and the unpatched vulnerability that presented.
The Electoral Commission ran Microsoft Exchange Server on IP 167.98.206.41 (found by TechCrunch) — this was online until later in 2022, at which point it dropped offline. According to the Electoral Commission’s advisory, they became aware of the incident in October 2022.
Here we see, via Shodan.io, the server was still available in late September 2022 — afterwards, it stopped responding, and still isn’t online now.
Read more at DoublePulsar.