MYSEC.TV

Home   /   RESOURCES   /   MYSEC.TV   / Microsoft Exchange hack and advice for threat hunting

Microsoft Exchange hack and advice for threat hunting

Tech & Sec Weekly
SHARE:
Share on linkedin
Share on facebook
Share on twitter
Share on email

IN THIS VIDEO

Following Microsoft’s news about Hafnium, the Australian Cyber Security Centre (ACSC) advises organisations using Microsoft Exchange to urgently patch the following Common Vulnerabilities and Exposures (CVEs):

CVE-2021-26855 – server-side request forgery (SSRF) vulnerability in Exchange.
CVE-2021-26857 – insecure deserialization vulnerability in the Unified Messaging service.
CVE-2021-26858 – post-authentication arbitrary file write vulnerability in Exchange.
CVE-2021-27065 – post-authentication arbitrary file write vulnerability in Exchange.
If successfully exploited, these CVEs would allow an unauthenticated attacker to write files and execute code with elevated privileges on the underlying Microsoft Windows operating system.

A large number of Australian organisations are yet to patch vulnerable versions of Microsoft Exchange, leaving them vulnerable to compromise. The ACSC is encouraging these organisations to do so urgently.

We cross to the US and speak with Mat Gangwer, Senior Director, Sophos Managed Threat Response and review the Microsoft Exchange hack and threat hunting advice.

Full article, including updated ESET research: https://australiancybersecuritymagazi…

#Exchangehack#microsoft#cybersecurity#cyberbreach#exchange#CVE#Sophos

OTHER VIDEOS IN THIS SERIES

IoT Security Vulnerabilities
April 30, 2021
We speak with Lani Refiti, Regional Director of Claroty cover IoT Security Vulnerabilities & Exploits including some recent research by Claroty on: Watch Now
Chauvin Trial & Policing – an Australian perspective
April 30, 2021
We speak with Emeritus Professor Jude McCulloch, Criminology, Monash University and look at the recent Chauvin trial and killing of George Floyd in the US. Watch Now
Cynterra wins major DTA contract for Secure Internet Gateway
April 28, 2021
We speak with Drago Gvozdanovic, CEO of Cynterra, based in Canberra. Watch Now
Climate Security Threat inspires the Australian Security Leaders Climate Group
April 23, 2021
The Australian Security Leaders Climate Group includes current and former members of the Australian Defence Force and defence sector and security practitioners. Watch Now
Scroll to Top