The Cybersecurity and Infrastructure Security partners have recently announced that on-premise (but not 365 or online) Microsoft Exchange Server products have a vulnerability to breach, including access to emails, files and credentials, which may also threaten network integrity.
While Microsoft has released patches to address these vulnerabilities, it is recommended that systems be examined first to detect any malicious activity. If exploitation activity is present, you must assume that your network security has been breached and take immediate action to detect and close off the intrusion. Only after such examination should patches be applied.
More information, technical briefs and tools for intrusion detection can be found at: https://us-cert.cisa.gov/ncas/alerts/aa21-062a.
Metz Lewis Brodman Must O’Keefe’s data security group provides counseling for our clients with respect to policies and procedures for establishing a more secure IT environment, post breach reporting management and coordination and review of contracts and other agreements with regard to liability management for information and technology systems.
This post was written by Barry Friedman