MICROSOFT
Microsoft is urging customers to keep their Exchange servers updated as well as take steps to bolster the environment, such as enabling Windows Extended Protection and configuring certificate-based signing of PowerShell serialization payloads.
« Attackers looking to exploit unpatched Exchange servers are not going to go away, » the tech giant’s Exchange Team said in a post. « There are too many aspects of unpatched on-premises Exchange environments that are valuable to bad actors looking to exfiltrate data or commit other malicious acts. »
Microsoft also emphasized mitigations issued by the company are only a stopgap solution and that they can « become insufficient to protect against all variations of an attack, » necessitating that users install necessary security updates to secure the servers.
Exchange Server has been proven to be a lucrative attack vector in recent years, what with a number of security flaws in the software weaponized as zero-days to hack into systems.
In the past two years alone, several sets of vulnerabilities have been discovered in Exchange Server – including ProxyLogon, ProxyOracle, ProxyShell, ProxyToken, ProxyNotShell, and a ProxyNotShell mitigation bypass known as OWASSRF – some of which have come under widespread exploitation in the wild.
Bitdefender, in a technical advisory published this week, described Exchange as an « ideal target, » while also chronicling some of the real-world attacks involving the ProxyNotShell / OWASSRF exploit chains since late November 2022.
Mots-clés : cybersécurité, sécurité informatique, protection des données, menaces cybernétiques, veille cyber, analyse de vulnérabilités, sécurité des réseaux, cyberattaques, conformité RGPD, NIS2, DORA, PCIDSS, DEVSECOPS, eSANTE, intelligence artificielle, IA en cybersécurité, apprentissage automatique, deep learning, algorithmes de sécurité, détection des anomalies, systèmes intelligents, automatisation de la sécurité, IA pour la prévention des cyberattaques.
Bots et IA biaisées : une menace silencieuse pour la cybersécurité des entreprises Introduction Les…
Cloudflare en Panne : Causes Officielles, Impacts et Risques pour les Entreprises Le 5 décembre…
Introduction La cybersécurité est aujourd’hui une priorité mondiale. Récemment, la CISA (Cybersecurity and Infrastructure Security…
La transformation numérique face aux nouvelles menaces Le cloud computing s’impose aujourd’hui comme un…
Les attaques par déni de service distribué (DDoS) continuent d'évoluer en sophistication et en ampleur,…
Face à l'adoption croissante des technologies d'IA dans les PME, une nouvelle menace cybersécuritaire émerge…
This website uses cookies.