Register
Promote YOUR BRAND

MYSEC.TV

Home   /   RESOURCES   /   MYSEC.TV   / Microsoft Exchange hack and advice for threat hunting

Microsoft Exchange hack and advice for threat hunting

Tech & Sec Weekly
SHARE:

IN THIS VIDEO

Following Microsoft’s news about Hafnium, the Australian Cyber Security Centre (ACSC) advises organisations using Microsoft Exchange to urgently patch the following Common Vulnerabilities and Exposures (CVEs):

CVE-2021-26855 – server-side request forgery (SSRF) vulnerability in Exchange.
CVE-2021-26857 – insecure deserialization vulnerability in the Unified Messaging service.
CVE-2021-26858 – post-authentication arbitrary file write vulnerability in Exchange.
CVE-2021-27065 – post-authentication arbitrary file write vulnerability in Exchange.
If successfully exploited, these CVEs would allow an unauthenticated attacker to write files and execute code with elevated privileges on the underlying Microsoft Windows operating system.

A large number of Australian organisations are yet to patch vulnerable versions of Microsoft Exchange, leaving them vulnerable to compromise. The ACSC is encouraging these organisations to do so urgently.

We cross to the US and speak with Mat Gangwer, Senior Director, Sophos Managed Threat Response and review the Microsoft Exchange hack and threat hunting advice.

Full article, including updated ESET research: https://australiancybersecuritymagazi…

#Exchangehack#microsoft#cybersecurity#cyberbreach#exchange#CVE#Sophos

OTHER VIDEOS IN THIS SERIES

Astronomers
Astronomers discover 49 new galaxies in under three hours
April 18, 2024
An international team of astronomers has discovered 49 new gas-rich galaxies using the MeerKAT radio telescope in South Africa. Watch Now
apsm_03
Strategic Overview of AI and Homeland Security: Current States and Future Directions
April 8, 2024
What are the strategic directions for AI in homeland security. Attending Milipol APAC and TechX Summit 2024, we speak with Physicist and former Yale University Professor, Dimitri Kusnezov, Under Secretary for S&T, US Department of Homeland Security. Watch Now
apsm_01
Securing Borders: Threats and Challenges
April 8, 2024
With the rapidly evolving challenges in global travel, trade, and security, we speak to Australian Border Force Commissioner, Michael Outram APM at the Milipol APAC and TechX Summit 2024 in Singapore. Watch Now
apsm
Automated pentesting in the cloud - visit Pentera at Booth B20, Hall 8 at GISEC Global 2024
April 2, 2024
Pentera is an automated pentesting platform. Validate every attack surface in your network, and test continuously to maintain control over your true security posture. Be proactive in fixing vulnerabilities, misconfigurations, leaked credentials, and privileges before they are exploited. Watch Now

MySecurity MarketPlace, powered by MySecurity Media is a dedicated marketplace connecting industry and enterprise professionals to the latest events, education, technology and media platforms across a global security domain

LATEST EVENT LISTED

2nd Annual Anti-Fraud Leaders Summit
2nd Annual Anti-Fraud Leaders Summit
Australian Cyber Security Showcase
Australian Cyber Security Showcase
cyberwest_summit_2024_banner_600x413
CyberWest Summit 2024

CONNECT WITH US

Twitter Facebook-f Linkedin-in Instagram Youtube Podcast Android Apple

CONTACT US

© My Security Media. All Right Reserved 2019.

Privacy Policy | Terms & Conditions | Competition T&Cs