Microsoft Shares Additional Mitigations for Exchange Server Vulnerabilities Under Attack
Microsoft on Friday released alternative mitigation measures for organizations that have not been able to immediately apply the emergency out-of-band patches released earlier this week, which address vulnerabilities being exploited to siphon e-mail data from corporate Microsoft Exchange servers.
"These mitigations are not a remediation if your Exchange servers have already been compromised, nor are they full protection against attack," Microsoft warned in a blog post.
Security researchers have warned that multiple cyber-espionage groups have been targeting vulnerable Exchange servers.
The U.S. Cybersecurity and Infrastructure Security Agency also issued an alert Friday, urging organizations to upgrade their on-premises Microsoft Exchange servers to the latest supported version.
Cybersecurity firm Volexity, which was credited by Microsoft for reporting different parts of the attack chain, has published a blog post with technical details and a video demonstrating exploitation in action, along with known attacker IP addresses connected to the attacks.
Volexity said it detected anomalous activity from two of its customers' Microsoft Exchange servers in January 2021, which led to the discovery of the attacks.