Register
Promote YOUR BRAND

MYSEC.TV

Home   /   RESOURCES   /   MYSEC.TV   / Microsoft Exchange hack and advice for threat hunting

Microsoft Exchange hack and advice for threat hunting

Tech & Sec Weekly
SHARE:

IN THIS VIDEO

Following Microsoft’s news about Hafnium, the Australian Cyber Security Centre (ACSC) advises organisations using Microsoft Exchange to urgently patch the following Common Vulnerabilities and Exposures (CVEs):

CVE-2021-26855 – server-side request forgery (SSRF) vulnerability in Exchange.
CVE-2021-26857 – insecure deserialization vulnerability in the Unified Messaging service.
CVE-2021-26858 – post-authentication arbitrary file write vulnerability in Exchange.
CVE-2021-27065 – post-authentication arbitrary file write vulnerability in Exchange.
If successfully exploited, these CVEs would allow an unauthenticated attacker to write files and execute code with elevated privileges on the underlying Microsoft Windows operating system.

A large number of Australian organisations are yet to patch vulnerable versions of Microsoft Exchange, leaving them vulnerable to compromise. The ACSC is encouraging these organisations to do so urgently.

We cross to the US and speak with Mat Gangwer, Senior Director, Sophos Managed Threat Response and review the Microsoft Exchange hack and threat hunting advice.

Full article, including updated ESET research: https://australiancybersecuritymagazi…

#Exchangehack#microsoft#cybersecurity#cyberbreach#exchange#CVE#Sophos

OTHER VIDEOS IN THIS SERIES

acsm-01
CISO applying and securing an enterprise-ready trust management platform
March 11, 2025
We speak with Jadee Hanson, Chief Information Security Officer (CISO) for Vanta. Security is at the heart of what Vanta does —helping customers improve their security and compliance posture – and this starts with their own. Watch Now
sp-8
Delivering state-of-the-art satellite-based communication
March 5, 2025
We speak with Mr Tan Khai Pang, Chief Executive Officer, AddValue Technologies. Watch Now
sp-7
Commercial Low Earth Orbit Destination
March 5, 2025
We speak with Mr David Caponio, Senior Vice President of Product and Business Development, VAST. Watch Now
sp-61
First Scottish woman and first to carry the Singapore flag into space
March 5, 2025
We speak with Nicolina Elrick, who on August 29, 2024, flew with Blue Origin, becoming the first Scottish woman and the first person to carry the Singapore flag into space, her permanent residence. Watch Now

MySecurity MarketPlace, powered by MySecurity Media is a dedicated marketplace connecting industry and enterprise professionals to the latest events, education, technology and media platforms across a global domain.

LATEST EVENT LISTED

IAC 2025
IAC 2025
GLEX2025_Web-banner_700x480_2025-Updated-FINAL_300ppi_RGB_v2
GLEX 2025
700x480_Top Wis_networking Event_Sheraton Imperial_2025
Top Women in Security ASEAN Region - Networking event

CONNECT WITH US

X-twitter Facebook-f Linkedin-in Instagram Youtube Podcast Google-play Apple

CONTACT US

© My Security Media. All Right Reserved 2019.

Privacy Policy | Terms & Conditions | Competition T&Cs