Urgent Microsoft Exchange Vulnerability
Urgent Microsoft Exchange Vulnerability
Where is the threat coming from?
At this point in time, Microsoft has identified the group – Hafnium as responsible for the threat and attack. It is believed that Hafnium is a state-sponsored threat actor based out of China.
How is it spread?
It is believed the threat is spread through 4 separate vulnerabilities in Microsoft Exchange Server. If a server has open connectivity to the Internet through port 443, which is very common, the attackers can take advantage of the vulnerability to gain access to email and data to exfiltrate the information.
How serious is the threat?
The threat is extremely serious in that it allows the attacker to not only get access to the data but also execute commands on the affected servers and related network. The most significant issue is that most if not all security is not able to detect and prevent this threat as of yet. Some cybersecurity firms have estimated that over 25% of the systems they have investigated have been affected by the vulnerability.How do you protect your environment?
It is advised to immediately download and apply the recommended emergency patches from Microsoft. More information on this particular vulnerability can be found on the Microsoft blog located at –
https://blogs.microsoft.com/on-the-issues/2021/03/02/new-nation-state-cyberattacks/
If you have any questions or need assistance applying these emergency patches –
please call us at 417-334-0494
Our Past Posts
But We Had Cyber Liability Insurance
Literally as I was getting ready to write this newsletter, I got a scheduling request from an organization that noted in the request for the meeting – “We fell victim
FBI and CISA Warn Of New Cyber Attacks Coming
We all are watching in shock and disgust at the atrocities being committed in Ukraine. Our thoughts, prayers and hopefully soon to be delivered tactical support are with each and
Urgent Microsoft Exchange Vulnerability
Urgent Microsoft Exchange Vulnerability Microsoft acknowledged on Tuesday 3/2/2021 that there was a series of significant Zero-Day vulnerabilities related to Microsoft Exchange servers and has released an emergency patch that
You NEVER See It Coming! But Once It Hits, Everyone Says, “I Wish I Would Have … ”
A year ago, no one could have predicted that countless businesses would shift to a remote work model. The pandemic hit hard and fast, and small businesses had to think
You Don’t Care About Technology
You Don’t Care About Technology As a business owner or leader, you don’t care about technology. I mean really let’s be honest, unless you are one of the rare ones,
We Don’t Have A Huge Cyber Security Need
We Don’t Have A Huge Cyber Security Need This was the answer I heard on the other end of the line from a prospective client that had just engaged our