Update: Microsoft Cyber Attack
The rise of Cyber vulnerabilities to businesses has never been more precarious. On 2 March 2021, corporate giant Microsoft announced significant vulnerabilities to their Exchange Server. Statements released by Microsoft have specified that these vulnerabilities are actively being exploited by criminal or state sponsored bad actors.
This exploitation of Microsoft’s Exchange Server means that any unpatched on-premise server that companies are using is at high risk of having their emails stolen or exposed. So far, tens of thousands of companies have fallen victim worldwide.
To avoid your systems being vulnerable to this attack, Microsoft has advised to urgently have your IT team patch your Exchange Server. Alternatively, follow the Microsoft guidance to patch your systems and use Microsoft’s tools to check for indications of compromise. We cannot stress enough how crucial it is to remediate this risk immediately.
Additionally, Microsoft has released a one-click mitigation tool as an interim measure: One-Click Microsoft Exchange On-Premises Mitigation Tool – March 2021 – Microsoft Security Response Center.
For more information regarding this matter, please read the latest release by Microsoft Security Response Center here.