6/19/2023 0 Comments Msert tool exchangeBut Frank Downs, a former National Security Agency offensive threat analyst, says CISA apparently believes that unpatched systems still pose a significant risk to federal networks. So far, no federal agencies have reported a compromise related to exploits of the unpatched Exchange flaws. CISA also identified Microsoft Exchange servers still in operation and hosted by (or on behalf of) federal agencies that require additional hardening." Added Risk? "Microsoft has developed new tools and techniques to aid organizations in investigating whether their Microsoft Exchange servers have been compromised. "CISA is directing additional actions to identify compromises that may remain undetected," the agency states. Microsoft attributed the initial activity to a suspected China-based group dubbed Hafnium, but other security companies report that as many as a half-dozen groups attacked Exchange servers prior to the patching. Microsoft reported that as of March 26, more than 92%, or around 368,000, had been patched or mitigated (see: Check Point: 50,000 Attempted Ransomware Attacks Target Exchange).Īttackers started aggressively targeting vulnerable Exchange servers around Feb. Around that time, RiskIQ estimated that about 400,000 on-premises Exchange servers were vulnerable. Microsoft patched the four vulnerabilities in the on-premises version of Exchange Server on March 2. See Also: Live Webinar | Education Cybersecurity Best Practices: Devices, Ransomware, Budgets and Resources Exchange Server Flaws In addition, the agencies have until June 28 to implement CISA's recommended steps to harden their infrastructure against attacks. ![]() The Cybersecurity and Infrastructure Security Agency is ordering federal executive branch agencies to rescan and recheck their networks by Monday for any signs of compromise related to unpatched vulnerabilities in on-premises Microsoft Exchange email servers.
0 Comments
Leave a Reply. |