Technology companies come and go, but Bit by Bit backs its service with 30 years of experience helping businesses achieve their goals with reliable IT solutions and support.
We were established in 1987 as a database application development and networking company, and since then we’ve evolved into a full-service IT firm and leader in delivering powerful and cost-effective technology solutions. visit our site at www.bitxbit.com
Tuesday, March 9, 2021
New Microsoft Exchange Hacking Campaign Targets U.S. Organizations
A new, aggressive hacking campaign that exploits vulnerabilities in Microsoft Exchange Server has hit as many as 30,000 U.S. businesses and government agencies. Microsoft is attributing these attacks to cyber espionage organization, HAFNIUM, based in mainland China.
FortiGuard Labs was notified right away though MAPP (Microsoft Active Protections Program). We’ve already released four FortiGuard IPS patches to protect Fortinet customers from these exploits.
What You Can Do
If you believe that your organization is vulnerable to this exploit, we recommend the following actions:
Apply a “hot patch”, which according to Fortinet CISO Phil Quade, is the strategy of updating security devices to automatically block exploitation attempts using signatures from the threat actor’s exploit while you work to upgrade and patch devices.
Conduct an asset inventory to identify all affected Microsoft Exchange Servers deployed in your organization.
Run version checks to see if they have been patched.
Apply appropriate patches where possible. Devices that cannot be patched should be secured behind a security device able to detect and prevent such an exploit.
Apply advanced, scanning leveraging known Indicators of Compromise to detect leave-behinds and anomalous behaviors resulting from a successful breach, such as the use of an unauthorized back door.
More details on the attack and how to mitigate it are available in the full blog post. To receive future information from Fortinet, don’t forget to subscribe.