Exchange Exploitation: Not Dead Yet
The mass exploitation of Exchange Servers has been a wake-up call, and it will take all parties playing in concert for the industry to react, respond, and recover.
"March Madness" is a jovial nickname for the third month of the year — but in 2021, the cybersecurity industry felt the brunt of March madness for a reason other than basketball: mass exploitation of Microsoft Exchange Servers. Almost two months later, we're still living in the aftermath of this widespread incident.
Related Content:
On March 1, Huntress learned about new vulnerabilities that would offer an unauthorized actor full control of a Microsoft Exchange server. These vulnerabilities were not yet disclosed, but enterprise organizations and small- to medium-sized businesses were already being exploited. On March 2, Microsoft released its first security advisory, warning companies about these dangerous vulnerabilities. Unfortunately, it seemed Microsoft's initial announcement missed the mark.