Exploits In Microsoft Exchange Used To Breach Over 30,000 Organizations


Over 30,000 entities, including local governments, small businesses, defense contractors, and education institutions, have been breached because of unpatched vulnerabilities in Microsoft Exchange, reported investigative journalist Brian Krebs on his blog, KrebsOnSecurity.

“In each incident, the intruders have left behind a ‘web shell,’ an easy-to-use, password-protected hacking tool that can be accessed over the Internet from any browser. The web shell gives the attackers administrative access to the victim’s computer servers,” Krebs wrote.

According to Microsoft, the attacks were orchestrated by the notorious Chinese hacking group Hafnium and started on January 6th, the day when rioters stormed the United States Capitol in a violent attack against the 117th United States Congress.

Microsoft released emergency security updates to patch the vulnerabilities on March 2nd, which means that the attackers had nearly two months to infiltrate vulnerable systems. The tech giant has been working closely with the U.S. Cybersecurity & Infrastructure Security Agency (CISA), as well as other public and private organizations, to secure all unpatched servers running Exchange Server 2013, 2016, or 2019 (Exchange Online hasn’t been affected).

“The best protection is to apply updates as soon as possible across all impacted systems,” said a Microsoft spokesperson in a written statement. “We continue to help customers by providing additional investigation and mitigation guidance. Impacted customers should contact our support teams for additional help and resources.”

While most known victims of the attacks were located in the United States, breaches related to the Microsoft Exchange vulnerabilities were also detected on the other side of the Atlantic. For example, the Prague municipality and the Czech Ministry for Labor and Social Affairs were forced to shut down some of their systems and install emergency patches. No data was stolen during the attack, said Czech government officials.

Attacks like this one highlight the importance of timely patching and modern intrusion detection tools, which are able to detect unusual activity while there is still time to act.

Cisco Unveils Strategic Vision For Enterprise Cloud Security In MENA

The global pandemic has accelerated cloud adoption by forcing companies to embrace the hybrid work model. But as companies move more and more of their information technology systems to the cloud, they discover that traditional security measures become less and less effective. To help cloud adopters of all sizes overcome the challenges associated with enterprise cloud security, Cisco has unveiled its new strategic vision for the MENA region.

At the heart of this vision is Cisco Security Cloud, a global, cloud-delivered, integrated platform for end-to-end security across hybrid multi-cloud environments. The platform unifies the management and policy administration of public and private clouds to protect users, devices, networks, applications, and data.

“With the complexity of hybrid work, continued acceleration of cloud adoption, and the ever-advancing threat landscape, organizations are looking for a trusted partner to help them achieve security resilience,” said Jeetu Patel, Executive Vice President and General Manager of Security and Collaboration at Cisco. “We believe Cisco is uniquely positioned due to its scale, breadth of solutions and cloud-neutral business model to meet their needs.”

Cisco Security Cloud is based on the zero trust security model, which, as its name implies, describes an approach to security where no access request is trusted without verification regardless of where it comes from.

To make the verification process as robust and user-friendly as possible, the necessary identity checks take place in the background, allowing users to focus on their work without being constantly interrupted by log-in prompts and other identity verification mechanisms.

Cisco is also building session trust analysis using OpenID Foundation’s Shared Signals and Events standards, which allow cloud services to instantly communicate security alerts and status changes of users.

These and other parts of Cisco’s new strategic vision for enterprise cloud security should help companies accelerate their cloud adoption initiatives. According to a survey of IT professionals in the Middle East, a lack of cybersecurity is among the main reasons why such initiatives proceed at a slow pace.
