Register
Promote YOUR BRAND

MYSEC.TV

Home   /   RESOURCES   /   MYSEC.TV   / Microsoft Exchange hack and advice for threat hunting

Microsoft Exchange hack and advice for threat hunting

Tech & Sec Weekly
SHARE:

IN THIS VIDEO

Following Microsoft’s news about Hafnium, the Australian Cyber Security Centre (ACSC) advises organisations using Microsoft Exchange to urgently patch the following Common Vulnerabilities and Exposures (CVEs):

CVE-2021-26855 – server-side request forgery (SSRF) vulnerability in Exchange.
CVE-2021-26857 – insecure deserialization vulnerability in the Unified Messaging service.
CVE-2021-26858 – post-authentication arbitrary file write vulnerability in Exchange.
CVE-2021-27065 – post-authentication arbitrary file write vulnerability in Exchange.
If successfully exploited, these CVEs would allow an unauthenticated attacker to write files and execute code with elevated privileges on the underlying Microsoft Windows operating system.

A large number of Australian organisations are yet to patch vulnerable versions of Microsoft Exchange, leaving them vulnerable to compromise. The ACSC is encouraging these organisations to do so urgently.

We cross to the US and speak with Mat Gangwer, Senior Director, Sophos Managed Threat Response and review the Microsoft Exchange hack and threat hunting advice.

Full article, including updated ESET research: https://australiancybersecuritymagazi…

#Exchangehack#microsoft#cybersecurity#cyberbreach#exchange#CVE#Sophos

OTHER VIDEOS IN THIS SERIES

assimh
Launch of the new Australasian Space Innovation Institute
October 2, 2025
We speak with Professor Andy Koronios, CEO and Managing Director of the Australasian Space Innovation Institute, officially launched on the sidelines of the 76th International Astronautical Congress (IAC), Sydney.Watch Now
spa8md
Director General of the UAE Space Agency in Sydney for IAC, 2025
October 1, 2025
We speak with His Excellency Eng. Salem Butti Salem Al Qubaisi, the UAE Space Agency’s Director General.Watch Now
spimg
New Zealand supports launch of the Australasian Space Innovation Institute
October 1, 2025
We speak with the Hon Judith Collins KC, MP, Attorney-General, Minister of Defence, Minister for Digitising Government, Minister for the Public Service, Minister Responsible for the GCSB, Minister Responsible for the NZSIS, Minister for Space with the New Zealand Government.Watch Now
dras1
Autonomous vehicles in extreme environments: Expanding the frontiers of innovation
October 1, 2025
We speak with Dr Thierry Peynot, Associate Professor – Queensland University of Technology (QUT); Chief Investigator – QUT Centre for Robotics (Space Robotics and Mining Robotics) activities who will be presenting next week in Perth at the Indo-Pacific Robotics, Autonomy, AI, Cyber Conference and Exhibition (IPRAAC), 7-8 October at the Pan Pacific Hotel.Watch Now