![]() ![]() They provided guidance on how to scan your Exchange log files for Indicators of compromise here. However, they acknowledge that applying the patch doesn’t remove attackers from your system. Microsoft has released details about how to mitigate the effects of the attack. Security experts from across the industry are telling companies that if you are using on-prem Microsoft Exchange server that should assume that you have been compromised. Microsoft has stated that this attack does not impact their cloud-based email service. Microsoft disclosed that four Exchange Server zero-day vulnerabilities were being used in attacks against exposed Outlook on the web (OWA) servers. By exploiting these security gaps, the attackers are able to install a web shell on the impacted servers, which gives them administrative access to the victim’s servers and all of the data stored on them. Specifically, the attack focuses on four specific flaws in the Exchange software from versions 2013 through 2019. The US Cybersecurity and Infrastructure Agency (CISA) went so far as to issue an emergency directive mandating that all federal agencies to immediately update their on-prem Exchange Server software or disconnect it from the network. The White House and FBI have both issued statements about the attack. The seriousness of this attack cannot be understated. Research from FireEye Mandiant suggests that these attacks began as early as January 2021. While the total number of victims isn’t known just yet, it is suspected to be in the tens, if not hundreds, of thousands. According to Microsoft, this is an attack by what appears to be a state-sponsored organization that is targeting their on-premise Exchange Server email software running at companies across the globe. ![]() Build a Security Awareness and Training Programīy now you’ve probably heard about the latest major cyber attack, named Hafnium.Build an Information Security Strategy Guide.Free Phishing Simulation & Training + Threat Management Dashboards. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |