Search
Search titles only
By:
Search titles only
By:
Menu
Forums
New posts
Search forums
Home
What's new
New posts
Latest activity
Log in
Register
Search
Search titles only
By:
Search titles only
By:
Menu
Install the app
Install
Reply to thread
Home
Computers & Internet
Anti-Spyware - Anti-Virus - Cyberculture
VIPRE Releases Security Advisory on Microsoft Exchange Server Attacks
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Message
<blockquote data-quote="VIPRE Security" data-source="post: 410"><p>VIPRE Security has released a security update related to last week’s attack affecting Microsoft Exchange Server 2013, 2016, and 2019. The Microsoft Security Response Center issued a detailed update March 5th with <a href="https://msrc-blog.microsoft.com/2021/03/02/multiple-security-updates-released-for-exchange-server/" target="_blank">information and guidance</a> for customers who may be affected.</p><p></p><p>KrebsOnSecurity was first to report the hack. “This is the real deal,” Chris Krebs, the former head of the Cybersecurity and Infrastructure Security Agency, said on Twitter, referring to the attacks on on-premises Exchange, which is also known as Outlook Web Access. “If your organization runs an OWA server exposed to the internet, assume compromise between 02/26-03/03.” </p><p></p><p>As details began to emerge, a <a href="https://blogs.microsoft.com/on-the-issues/2021/03/02/new-nation-state-cyberattacks/" target="_blank">Microsoft blog points</a> to a newly identified threat actor they are calling <strong>Hafnium</strong> which operates from China. And according to Microsoft, while Hafnium is based in China, it conducts its operations primarily from leased virtual private servers (VPS) in the United States.</p><p></p><p>Even administrators who have diligently patched their systems may still be at risk. Fortunately, IT pros can look to the Cybersecurity & Infrastructure Security Agency (CISA), who last week released <a href="https://us-cert.cisa.gov/ncas/alerts/aa21-062a" target="_blank">Alert (AA21-062A)</a> Mitigate Microsoft Exchange Server Vulnerabilities and advised:</p><p></p><p>“This Alert includes both tactics, techniques and procedures (TTPs) and the indicators of compromise (IOCs) associated with this malicious activity. To secure against this threat, CISA recommends organizations examine their systems for the TTPs and use the IOCs to detect any malicious activity. If an organization discovers exploitation activity, they should assume network identity compromise and follow incident response procedures. If an organization finds no activity, they should apply available patches immediately and implement the mitigations in this Alert.”</p><p></p><p>VIPRE recommends always keeping Windows machines patches up-to-date including VIPRE Email Security for Exchange. VIPRE Endpoint Security offers third-party patch management to cover the critical vulnerabilities in common applications and web browsers. <a href="https://www.vipre.com/resource/vipres-patch-management/" target="_blank">VIPRE breaks down patch management</a> in the following short video.</p><p></p><p><a href="https://www.vipre.com/" target="_blank">VIPRE Security</a> recommends that all organizations utilize a <a href="https://www.vipre.com/products/business-protection/" target="_blank">layered security approach</a> when implementing defensive measures. A top-rated <a href="https://www.vipre.com/products/business-protection/endpoint-security/" target="_blank">endpoint security solution</a> coupled with advanced <a href="https://www.vipre.com/products/business-protection/email-security/" target="_blank">email security</a> and threat intelligence solutions will ensure that you are protected from malicious threats via multiple attack vectors.</p><p></p><p>Explore <a href="https://www.vipre.com/products/business-protection/vipre-trial-evaluations/" target="_blank">VIPRE’s cybersecurity solutions</a> with a 30-day free trial.</p><p></p><p>The post <a href="https://www.vipre.com/blog/vipre-releases-security-advisory-on-microsoft-exchange-server-attacks/" target="_blank">VIPRE Releases Security Advisory on Microsoft Exchange Server Attacks</a> appeared first on <a href="https://www.vipre.com" target="_blank">VIPRE</a>.</p></blockquote><p></p>
[QUOTE="VIPRE Security, post: 410"] VIPRE Security has released a security update related to last week’s attack affecting Microsoft Exchange Server 2013, 2016, and 2019. The Microsoft Security Response Center issued a detailed update March 5th with [URL='https://msrc-blog.microsoft.com/2021/03/02/multiple-security-updates-released-for-exchange-server/']information and guidance[/URL] for customers who may be affected. KrebsOnSecurity was first to report the hack. “This is the real deal,” Chris Krebs, the former head of the Cybersecurity and Infrastructure Security Agency, said on Twitter, referring to the attacks on on-premises Exchange, which is also known as Outlook Web Access. “If your organization runs an OWA server exposed to the internet, assume compromise between 02/26-03/03.” As details began to emerge, a [URL='https://blogs.microsoft.com/on-the-issues/2021/03/02/new-nation-state-cyberattacks/']Microsoft blog points[/URL] to a newly identified threat actor they are calling [B]Hafnium[/B] which operates from China. And according to Microsoft, while Hafnium is based in China, it conducts its operations primarily from leased virtual private servers (VPS) in the United States. Even administrators who have diligently patched their systems may still be at risk. Fortunately, IT pros can look to the Cybersecurity & Infrastructure Security Agency (CISA), who last week released [URL='https://us-cert.cisa.gov/ncas/alerts/aa21-062a']Alert (AA21-062A)[/URL] Mitigate Microsoft Exchange Server Vulnerabilities and advised: “This Alert includes both tactics, techniques and procedures (TTPs) and the indicators of compromise (IOCs) associated with this malicious activity. To secure against this threat, CISA recommends organizations examine their systems for the TTPs and use the IOCs to detect any malicious activity. If an organization discovers exploitation activity, they should assume network identity compromise and follow incident response procedures. If an organization finds no activity, they should apply available patches immediately and implement the mitigations in this Alert.” VIPRE recommends always keeping Windows machines patches up-to-date including VIPRE Email Security for Exchange. VIPRE Endpoint Security offers third-party patch management to cover the critical vulnerabilities in common applications and web browsers. [URL='https://www.vipre.com/resource/vipres-patch-management/']VIPRE breaks down patch management[/URL] in the following short video. [URL='https://www.vipre.com/']VIPRE Security[/URL] recommends that all organizations utilize a [URL='https://www.vipre.com/products/business-protection/']layered security approach[/URL] when implementing defensive measures. A top-rated [URL='https://www.vipre.com/products/business-protection/endpoint-security/']endpoint security solution[/URL] coupled with advanced [URL='https://www.vipre.com/products/business-protection/email-security/']email security[/URL] and threat intelligence solutions will ensure that you are protected from malicious threats via multiple attack vectors. Explore [URL='https://www.vipre.com/products/business-protection/vipre-trial-evaluations/']VIPRE’s cybersecurity solutions[/URL] with a 30-day free trial. The post [URL='https://www.vipre.com/blog/vipre-releases-security-advisory-on-microsoft-exchange-server-attacks/']VIPRE Releases Security Advisory on Microsoft Exchange Server Attacks[/URL] appeared first on [URL='https://www.vipre.com']VIPRE[/URL]. [/QUOTE]
Insert quotes…
Verification
Post reply
Home
Computers & Internet
Anti-Spyware - Anti-Virus - Cyberculture
VIPRE Releases Security Advisory on Microsoft Exchange Server Attacks
Top
Bottom
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.
Accept
Learn more…