Security Boulevard
Community Chats Webinars Library Timeline of a Hafnium Attack
The attacks on Microsoft Exchange servers around the world by Chinese state-sponsored threat group Hafnium are believed to have affected over 21,000 organizations. The impact of these attacks is growing as the four zero-day vulnerabilities are getting picked up by new threat actors.
While the world was introduced to these critical vulnerabilities on March 2
nd when Microsoft released security updates and mitigation guidance, the first known exploitation of this vulnerability occurred in early January. Although applying Microsoft’s advised updates protects organizations from continued or future exploitation of these known vulnerabilities, they don’t mitigate any compromises that have already happened. And because these Exchange vulnerabilities are exposed to the internet, cybercriminals continue to voraciously seek out unpatched systems to attack at unprecedented scale.
Source: Windows Central
On Windows 10, the Microsoft Safety Scanner (MSERT) is a standalone tool that scans, finds, and removes many malware types, including viruses, spyware, and unwanted software causing harm on your computer without having to install it on the device.
The security tool is similar to the Malicious Software Removal Tool (MSRT), and it works similarly to a regular anti-malware software you use on Windows 10. It even has the same engine and threat definitions as the Microsoft Defender Antivirus. However, it is not a replacement for your antivirus solution since it does not offer real-time protection or automatic updates. Instead, it only provides another way to scan and remove infections when you suspect that your security software is not working correctly and believe the device has been infected.
CISA Orders Agencies to Conduct Fresh Scans of Microsoft Exchange Servers dem10/iStock.com
email March 31, 2021 04:32 PM ET
The agency issued supplemental guidance requiring new tests with Microsoft-provided tools and measures to harden the attractive target.
The Cybersecurity and Infrastructure Security Agency set deadlines for federal agencies to implement supplemental actions under an emergency directive it issued following the abuse of vulnerabilities identified in on-premises Microsoft Exchange servers.
The updated directive CISA released Wednesday requires department-level chief information officers or their equivalents to report to CISA on further investigative actions by noon Monday, April 5 and on defensive measures by noon Monday, June 28.
Exchange Server attacks: Run this Microsoft malware scanner now, CISA tells government agencies zdnet.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from zdnet.com Daily Mail and Mail on Sunday newspapers.
Reseller News
Join Reseller News
Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.Sign up now
Microsoft releases interim mitigation tool for Exchange vulnerability
Mitigates the CVE-2021-26855 vulnerability. Credit: Supplied
Microsoft has released an interim mitigation tool to automatically mitigate one vulnerability in the attack chain associated with the zero-day Exchange Server exploits the vendor disclosed earlier this month.
The Exchange On-premises Mitigation Tool, or EOMT, aims to protect and mitigate against CVE-2021-26855 on Exchange servers prior to patching and was designed for those who are either unfamiliar with the updating process or have not applied the update yet.