For more than two months, a newly patched series of vulnerabilities in on-premises versions of Microsoft Exchange Server has been successfully exploited. The hack, which was first linked to a Chinese state-sponsored actor, has since been used in a variety of cybercrime schemes, the most recent of which is the DearCry ransomware. In this article, we will give a brief explanation of what is it all about and how to detect and mitigate the issue.