Register
Promote YOUR BRAND

MYSEC.TV

Home   /   RESOURCES   /   MYSEC.TV   / Microsoft Exchange hack and advice for threat hunting

Microsoft Exchange hack and advice for threat hunting

Tech & Sec Weekly
SHARE:

IN THIS VIDEO

Following Microsoft’s news about Hafnium, the Australian Cyber Security Centre (ACSC) advises organisations using Microsoft Exchange to urgently patch the following Common Vulnerabilities and Exposures (CVEs):

CVE-2021-26855 – server-side request forgery (SSRF) vulnerability in Exchange.
CVE-2021-26857 – insecure deserialization vulnerability in the Unified Messaging service.
CVE-2021-26858 – post-authentication arbitrary file write vulnerability in Exchange.
CVE-2021-27065 – post-authentication arbitrary file write vulnerability in Exchange.
If successfully exploited, these CVEs would allow an unauthenticated attacker to write files and execute code with elevated privileges on the underlying Microsoft Windows operating system.

A large number of Australian organisations are yet to patch vulnerable versions of Microsoft Exchange, leaving them vulnerable to compromise. The ACSC is encouraging these organisations to do so urgently.

We cross to the US and speak with Mat Gangwer, Senior Director, Sophos Managed Threat Response and review the Microsoft Exchange hack and threat hunting advice.

Full article, including updated ESET research: https://australiancybersecuritymagazi…

#Exchangehack#microsoft#cybersecurity#cyberbreach#exchange#CVE#Sophos

OTHER VIDEOS IN THIS SERIES

space-28-05
17th Australian Space Forum program insights
June 28, 2024
We speak with Peter Nikoloff, Executive Director, The Andy Thomas Space Foundation and get insights into the upcoming 17th Australian Space Forum, 24-25 July 2024 in Adelaide, South Australia. Watch Now
space-02
Space Cyber Forum highlights dependency on space systems
June 28, 2024
The 2nd Australian Space Cyber Forum was held in Adelaide this week gathering space and cybersecurity professionals to discuss technical best practices, policy direction, AUKUS, future technologies and maintaining security and integrity of space systems and services. Watch Now
space-01
Australian cyber collaboration extends to global space industry
June 28, 2024
We speak with Matthew Salier, CEO of the Australian Cyber Collaboration Centre on signing a memorandum of understanding with Space ISAC, based in Colorado Springs. Watch Now
space-27
Space ISAC makes first Australian visit for Space Cyber Forum
June 27, 2024
We speak with Erin Miller, Executive Director of Space ISAC – Space Information Sharing and Analysis Center visiting the 2nd Australian Space Cyber Forum and signing a Memorandum of Understanding with the Australian Cyber Collaboration Centre. Watch Now

MySecurity MarketPlace, powered by MySecurity Media is a dedicated marketplace connecting industry and enterprise professionals to the latest events, education, technology and media platforms across a global security domain

LATEST EVENT LISTED

NACSA Cyber Security Summit 700x480
NACSA Cyber Security Summit
Cyber-Revolution-Summit
Cyber Revolution Summit
Australian-Security-Summit-AuSEC-2024-1
Australian Security Summit (AuSEC) 2024

CONNECT WITH US

X-twitter Facebook-f Linkedin-in Instagram Youtube Podcast Google-play Apple

CONTACT US

© My Security Media. All Right Reserved 2019.

Privacy Policy | Terms & Conditions | Competition T&Cs