Register
Promote YOUR BRAND

MYSEC.TV

Home   /   RESOURCES   /   MYSEC.TV   / Microsoft Exchange hack and advice for threat hunting

Microsoft Exchange hack and advice for threat hunting

Tech & Sec Weekly
SHARE:

IN THIS VIDEO

Following Microsoft’s news about Hafnium, the Australian Cyber Security Centre (ACSC) advises organisations using Microsoft Exchange to urgently patch the following Common Vulnerabilities and Exposures (CVEs):

CVE-2021-26855 – server-side request forgery (SSRF) vulnerability in Exchange.
CVE-2021-26857 – insecure deserialization vulnerability in the Unified Messaging service.
CVE-2021-26858 – post-authentication arbitrary file write vulnerability in Exchange.
CVE-2021-27065 – post-authentication arbitrary file write vulnerability in Exchange.
If successfully exploited, these CVEs would allow an unauthenticated attacker to write files and execute code with elevated privileges on the underlying Microsoft Windows operating system.

A large number of Australian organisations are yet to patch vulnerable versions of Microsoft Exchange, leaving them vulnerable to compromise. The ACSC is encouraging these organisations to do so urgently.

We cross to the US and speak with Mat Gangwer, Senior Director, Sophos Managed Threat Response and review the Microsoft Exchange hack and threat hunting advice.

Full article, including updated ESET research: https://australiancybersecuritymagazi…

#Exchangehack#microsoft#cybersecurity#cyberbreach#exchange#CVE#Sophos

OTHER VIDEOS IN THIS SERIES

space-01-07-30
India Space Congress highlights Australian space ties prior to IAC, Sydney
July 1, 2025
We speak with Anil Prakash, Director-General of SIA-India at the India Space Congress 2025, Le Méridien, New Delhi. Watch Now
space-01-07-20
Advancing space communications for the future lunar economy
July 1, 2025
We speak with Dr Thierry Klein, President, Bell Labs Solutions Research, Nokia Bell Labs at the India Space Congress, New Delhi. Watch Now
space-01-07-10
Investment NSW issues invitation to IAC, 2025 at the India Space Congress
July 1, 2025
We speak with Malini Dutt, Investment and Trade Commissioner – India, Investment NSW at the India Space Congress, 2025, New Delhi. Watch Now
space-01-07=00
SWIRSAT Mission aims to significantly lower the cost of data acquisition
July 1, 2025
We speak with Venkat Pillay, CEO and Founder of LC60 AI), formerly LatConnect 60 at the India Space Congress 2025. Watch Now

MySecurity MarketPlace, powered by MySecurity Media is a dedicated marketplace connecting industry and enterprise professionals to the latest events, education, technology and media platforms across a global domain.

LATEST EVENT LISTED

UK Space Conference 2025
UK Space Conference 2025
Tech in Paradise - The Google Factor Sundowner Event MP
Tech in Paradise - The Google Factor Sundowner Event
ThaiCyberX
ThaiCyberX

CONNECT WITH US

X-twitter Facebook-f Linkedin-in Instagram Youtube Podcast Google-play Apple

CONTACT US

© My Security Media. All Right Reserved 2019.

Privacy Policy | Terms & Conditions | Competition T&Cs