15 March 2021
Attack on Microsoft Exchange Server: urgent critical vulnerability
As seen in the news recently, Microsoft’s on-premises Exchange Servers were subject to an attack by Hafnium which has since been detected. Now that the exploit has been made public and the attack mechanisms are known, there is an increased risk of other malicious users taking advantage of this vulnerability for monetary gain.
What to do now?
- Check your Exchange version and install the recommended patches.
- Investigate for exploitation, persistence, or evidence of lateral movement to determine if you've already been compromised.
All the critical and official information can be found here – For your IT and security department:
MICROSOFT RECOMMENDATIONS CERT RECOMMENDATIONS
Why the emergency?
Hafnium originally used a targeted exploit to access data but now that the attack mechanisms are known, it can be exploited for monetary gain through ransomware attacks by any ill intended hackers and organisations.
Find out about the hackers' modus operandi
Share this publication?