CISA Orders Agencies to Recheck for Exchange Compromises Twitter Get Permission
The Cybersecurity and Infrastructure Security Agency is ordering federal executive branch agencies to rescan and recheck their networks by Monday for any signs of compromise related to unpatched vulnerabilities in on-premises Microsoft Exchange email servers.
In addition, the agencies have until June 28 to implement CISA s recommended steps to harden their infrastructure against attacks.
Exchange Server Flaws
Microsoft patched the four vulnerabilities in the on-premises version of Exchange Server on March 2. Around that time, RiskIQ estimated that about 400,000 on-premises Exchange servers were vulnerable. Microsoft reported that as of March 26, more than 92%, or around 368,000, had been patched or mitigated (see:
CISA Orders Agencies to Recheck for Exchange Compromises databreachtoday.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from databreachtoday.com Daily Mail and Mail on Sunday newspapers.
Photo: Pixabay
The White House on Wednesday unveiled the formation of a Unified Coordination Group to lead the government s response to attacks exploiting unpatched vulnerabilities in on-premises Microsoft Exchange email servers.
Representatives of the FBI, the Cybersecurity and Infrastructure Security Agency and the Office of the Director of National Intelligence are participating in the new group. The National Security Agency is providing support.
The group, which was established last week, held its first meeting Monday, with representatives of Microsoft and other firms attending, White House press secretary Jen Psaki says. We invited the private sector partners based on their specific insights to this incident, Psaki said Wednesday. At its first meeting, the group discussed the remaining number of unpatched systems, malicious exploitation and ways to partner together on incident response.
Microsoft has released an interim mitigation tool designed to help smaller organizations take quick action to prevent attacks that exploit the unpatched ProxyLogon