MYSEC.TV

Home   /   RESOURCES   /   MYSEC.TV   / Microsoft Exchange hack and advice for threat hunting

Microsoft Exchange hack and advice for threat hunting

Tech & Sec Weekly
SHARE:

IN THIS VIDEO

Following Microsoft’s news about Hafnium, the Australian Cyber Security Centre (ACSC) advises organisations using Microsoft Exchange to urgently patch the following Common Vulnerabilities and Exposures (CVEs):

CVE-2021-26855 – server-side request forgery (SSRF) vulnerability in Exchange.
CVE-2021-26857 – insecure deserialization vulnerability in the Unified Messaging service.
CVE-2021-26858 – post-authentication arbitrary file write vulnerability in Exchange.
CVE-2021-27065 – post-authentication arbitrary file write vulnerability in Exchange.
If successfully exploited, these CVEs would allow an unauthenticated attacker to write files and execute code with elevated privileges on the underlying Microsoft Windows operating system.

A large number of Australian organisations are yet to patch vulnerable versions of Microsoft Exchange, leaving them vulnerable to compromise. The ACSC is encouraging these organisations to do so urgently.

We cross to the US and speak with Mat Gangwer, Senior Director, Sophos Managed Threat Response and review the Microsoft Exchange hack and threat hunting advice.

Full article, including updated ESET research: https://australiancybersecuritymagazi…

#Exchangehack#microsoft#cybersecurity#cyberbreach#exchange#CVE#Sophos

OTHER VIDEOS IN THIS SERIES

akula
June 23, 2025
We visit the offices of Akula Tech in Melbourne and speak with CEO and Founder, Preetham Akula. Watch Now
spr
June 18, 2025
We speak with Rob Mueller, senior technologist with NASA based at the Kennedy Space Centre and the founder of Robopalooza. Watch Now
space-11
June 13, 2025
We speak with James Palmer, CEO and Founder of Space Centre Australia. Watch Now
zen-05
June 6, 2025
We speak with Andreas Hartl, Senior Vice President for the Asia-Pacific and Japan (APJ) region at Zscaler. Andreas is responsible for driving the company’s growth and strategic initiatives across the region. Watch Now