Saturday, June 12, 2021

Microsoft releases tool for Exchange Server hacks

Must Read

Multi-platform card skimmer found on BigCommerce, Shopify stores

While generally designed to target one kind of e-commerce platform, this new kind of net metering malware may assume...

SonicWall firewall maker hacked Via Zero-Day Flaw in its products

SonicWall, who built the communications equipment, said on Friday night, he was investigating a security breach of his internal...

UK NCA Announced the Arrest of 21 Clients of”WeLeakInfo”

Purchasing stolen data out of online marketplaces is quite risky, as you're getting involved in a cyber-criminal functioning by...

Microsoft has released a one-click mitigation tool as a stop-gap for IT admins who still need to apply security patches to protect their Exchange servers.

This month, Microsoft disclosed that four zero-day vulnerabilities were being actively used in attacks against Microsoft Exchange.

These vulnerabilities are collectively known as ProxyLogon and are being used by threat actors to drop web shells, crypto miners, and more recently, the DearCry ransomware on exploited servers.

Microsoft released emergency fixes for the critical vulnerabilities on March 2. However, the company estimates that at least 82,000 internet-facing servers are still unpatched and vulnerable to attack.

Today, Microsoft released the EOMT one-click PowerShell script so that small business owners who do not have dedicated or security teams can get further help securing their Microsoft Exchange servers.

It is important to note the tool is not an alternative to patching but should be considered a means to mitigate the risk of exploitation until the update has been applied — which should be completed as quickly as possible Microsoft warned.

If you have not deployed the latest security update, follow the below steps to protect your Exchange server.

• Download the EOMT tool.

• Run it on Exchange servers immediately.

• Follow the more detailed guidance here to ensure that your on-premises Exchange is protected.

• If you are already using Microsoft Safety Scanner, it is still live and Microsoft recommends keeping this running as it can be used to help with additional mitigations.

In related news this week, Microsoft reportedly began investigating the potential leak of Proof-of-Concept (POC) attack code supplied privately to cybersecurity partners and vendors ahead of the zero-day public patch release.

The company says that no conclusions have yet been drawn over attack spikes related to the vulnerabilities. 

Priyanshu Vijayvargiya
Founder and Editor-in-Chief of 'Virtualattacks Inc' Priyanshu Vijayvargiya is a cybersecurity analyst, Information Security professional, developer, and a white hat hacker.


Please enter your comment!
Please enter your name here

Latest News

An error of coding results attacker will delete a live video of Facebook

Facebook has solved the problem of Programming errors on live video services that allow attackers to successfully remove video...

What is a Cyber Attack or Virtual Attack

Firstly We Wil Discuss About Cyberattack or we will also say virtual attack. A Cyberattack is a type of attack that will be done...

Firefox 88 start disabling FTP with removal set for Firefox 90

Firefox 88 update has disabled File Transfer Protocol (FTP) support completely from the browser. The handling of clicking on FTP links from within Firefox...

Google Project Zero giving The 30-day grace period for user patch adoption

Google Project Zero will be shifting from a fairly hard 90-day deadline to a new model that incorporates a new 30-day grace period to...

Parking app ParkMobile experiences data breach of 21M Users

The popular mobile app that drivers use to pay and find available public parking in Pittsburgh and in other cities experienced a data breach...

More Articles Like This