Researchers have detected a new conversation hijacking campaign that exploits unpatched Exchange servers to deliver IcedID trojan within the energy, healthcare, pharmaceutical, and legal sectors. It’s been almost a year since the disclosure of ProxyShell vulnerabilities in Exchange servers but not many organizations, apparently, couldn’t apply the patch.