NIST's guidance for a Zero Trust Architecture

Recent AD News

Attention: The Chinese may have hacked your Exchange email server

On March 2, Microsoft released emergency security updates to plug four security loopholes in Exchange Server versions 2013 through 2019. Chinese state-sponsored cyber-espionage unit was using these security loopholes to sniff into email conversations of victim organizations.

At least 30,000 organizations in the United States alone are believed to be hacked by the espionage group to siphon email communications from Internet-facing systems running Exchange.

If you have been running an OWA server exposed to the internet, it is safe to assume that you have been compromised between 26th February and 3rd March.

Three days since Microsoft patched the vulnerabilities, security experts say that the hackers have been ramping up exploiting any unpatched Exchange server around the world.  

Following the incident, a Microsoft spokesperson said “The best protection is to apply updates as soon as possible across all impacted systems.” “We continue to help customers by providing additional investigation and mitigation guidance. Impacted customers should contact our support teams for additional help and resources,” he added.

Related posts
Recent AD News

Attackers use stolen credentials to intrude into the UN network

Recent AD News

CISA and FBI expect ransomware attacks to soar over the Labor Day weekend, issue advisory

Recent AD News

Another zero-day vulnerability confirmed by Microsoft

Recent AD News

Automate access decisions with risk-based contextual authentication

Leave a Reply

Your email address will not be published. Required fields are marked *