Microsoft Release Multiple Security Updates for Exchange Server after Zero-day Exploitation
Equate TechnologiesEquate TechnologiesEquate TechnologiesMar/04/2021
Microsoft has released an alert urging organisations to apply the recently released patch for Microsoft Exchange Server as soon as possible, detecting multiple Zero-day exploits being actively targeted in the wild. The observed attacks have been attributed to a Chinese state-sponsored threat actor, targeting Exchange vulnerabilities to gain access to multiple victim networks and exfiltrate data.
The exploited vulnerabilities are CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065 which have all been addressed in Microsoft’s patch release early this week.
We recommend applying these security updates to all vulnerable systems as soon as possible, prioritising those that are internet-facing. If the patches can not be applied immediately, consider taking additional steps to prevent successful exploitation.
The Equate Managed Security Team responded instantly to this Microsoft alert using a five-stage approach:
Click here for IOCs taken from the observed attacks in the wild
Microsoft’s advice on the security updates can be found here.
07.20.2021
Adam Green joins the team with responsibility for managing and growing their burgeoning portfolio of clients through a range of customised and scalable managed security solutions
06.24.2021
Living life in a state of discomfort – Rylan Painter discusses defending national cyber security, meditation and making the world a happier place.
06.15.2021
Ex Defence Force and SOC Manager, Rylan Painter discusses getting back to basics with the Essential Eight and prioritising cyber security as a strategic imperative.