Register
Promote YOUR BRAND

MYSEC.TV

Home   /   RESOURCES   /   MYSEC.TV   / Microsoft Exchange hack and advice for threat hunting

Microsoft Exchange hack and advice for threat hunting

Tech & Sec Weekly
SHARE:

IN THIS VIDEO

Following Microsoft’s news about Hafnium, the Australian Cyber Security Centre (ACSC) advises organisations using Microsoft Exchange to urgently patch the following Common Vulnerabilities and Exposures (CVEs):

CVE-2021-26855 – server-side request forgery (SSRF) vulnerability in Exchange.
CVE-2021-26857 – insecure deserialization vulnerability in the Unified Messaging service.
CVE-2021-26858 – post-authentication arbitrary file write vulnerability in Exchange.
CVE-2021-27065 – post-authentication arbitrary file write vulnerability in Exchange.
If successfully exploited, these CVEs would allow an unauthenticated attacker to write files and execute code with elevated privileges on the underlying Microsoft Windows operating system.

A large number of Australian organisations are yet to patch vulnerable versions of Microsoft Exchange, leaving them vulnerable to compromise. The ACSC is encouraging these organisations to do so urgently.

We cross to the US and speak with Mat Gangwer, Senior Director, Sophos Managed Threat Response and review the Microsoft Exchange hack and threat hunting advice.

Full article, including updated ESET research: https://australiancybersecuritymagazi…

#Exchangehack#microsoft#cybersecurity#cyberbreach#exchange#CVE#Sophos

OTHER VIDEOS IN THIS SERIES

avlon25
Exploring the expanses of space for cross sector applications
April 3, 2025
We speak with Mr Anantha Venugopal, Program Manager for Space and Emerging Technologies at the WA Defence Stand at the Avalon Australian International Airshow 2025. Watch Now
space-01
Release of a sub-250g nano UAV at Avalon Airshow 2025
April 3, 2025
Aircraft-grade coaxial unmanned aerial systems company Ascent AeroSystems has released HELIUS, the company’s first entry into the sub-250g UAV sector. Watch Now
space-380325
Astronaut Col. Mike Bloomfield speaking at Avalon Australia International Airshow 2025
March 28, 2025
We speak with astronaut Col. Mike Bloomfield (STS-86, 97, & 110) who took to the stage with Australian astronaut Katherine Bennell-Pegg to present and congratulate four Australian secondary students and STEM teacher selected for the prestigious Endeavour scholarship. Watch Now
space-2803
Newly appointed Space Industry CEO calls for National Space Taskforce
March 28, 2025
The Space Industry Association of Australia (SIAA) newly appointed chief executive officer Dan Lloyd outlines the 2025-2026 Pre-Budget Submission made by SIAA and the call for an Australian National Space Taskforce to monitor and respond to national and global space activities and articulate a structured national approach to space. Watch Now

MySecurity MarketPlace, powered by MySecurity Media is a dedicated marketplace connecting industry and enterprise professionals to the latest events, education, technology and media platforms across a global domain.

LATEST EVENT LISTED

SingaporeHub_Banner_700x480
Opportunities for Singapore as a Regional Hub for Space and Critical Technology
State of cyber part 2
Special Virtual Episodes with ISACA Leaders - State of Cyber (Part 2)
State of trust
Special Virtual Episodes with ISACA Leaders - State of Trust

CONNECT WITH US

X-twitter Facebook-f Linkedin-in Instagram Youtube Podcast Google-play Apple

CONTACT US

© My Security Media. All Right Reserved 2019.

Privacy Policy | Terms & Conditions | Competition T&Cs