Sign In

Предупреждения


Microsoft IOC Detection Tool for Exchange Server Vulnerabilities – 08.03.2021


Microsoft has released an updated script that scans Exchange log files for indicators of compromise (IOCs) associated with the vulnerabilities disclosed on March 2, 2021.

CERT Bulgaria is aware of widespread domestic and international exploitation of these vulnerabilities and strongly recommends organizations run the Test-ProxyLogon.ps1 script—as soon as possible—to help determine whether their systems are compromised. For additional information on the script, see Microsoft’s blog HAFNIUM targeting Exchange Servers with 0-day exploits.

For more information about these vulnerabilities and how to defend against their exploitation, see:

https://github.com/microsoft/CSS-Exchange/tree/main/Security

https://msrc-blog.microsoft.com/2021/03/02/multiple-security-updates-released-for-exchange-server/

https://github.com/microsoft/CSS-Exchange/tree/main/Security

https://www.microsoft.com/security/blog/2021/03/02/hafnium-targeting-exchange-servers/#scan-log

 

08/03/2021

NEW VIRUSES RSS
VULNERABILITIES RSS