Security News > 2021 > March > US National Security Council urges review of Exchange Servers in wake of Hafnium attack
The Biden administration has urged users of Microsoft's Exchange mail and messaging server to ensure they have not fallen victim to the recently-detected "Hafnium" attack on Exchange Server that Microsoft says originated in China.
Microsoft revealed the attack last week and released Exchange security updates.
The Biden administration's Cybersecurity and Infrastructure Security Agency followed up with a March 5 general advisory encouraging upgrades to on-premises Exchange environments.
On March 7, the US National Security Council tweeted that patching and mitigation was not enough to protect vulnerable systems.
Microsoft has issued additional mitigation advice for those unable to patch Exchange Server.
With 30,000 US-based Exchange users thought to have been targeted by whoever was behind Hafnium, and 250,000 impacted globally, reports are suggesting the Biden administration will create a task force to address the Hafnium attack and its aftermath.
News URL
https://go.theregister.com/feed/www.theregister.com/2021/03/08/us_national_security_council_says/
Related news
- Critical Security Flaw in WhatsUp Gold Under Active Attack - Patch Now (source)
- 18-year-old security flaw in Firefox and Chrome exploited in attacks (source)
- Is Lenovo a blind spot in US anti-China security measures? (source)
- Most Ransomware Attacks Occur When Security Staff Are Asleep, Study Finds (source)
- GitHub Patches Critical Security Flaw in Enterprise Server Granting Admin Privileges (source)
- SQL Injection Attack on Airport Security (source)
- Iran Cyber Attack: Fox Kitten Facilitates Ransomware in US (source)
- Security measures fail to keep up with rising email attacks (source)
- Russian security firm Dr.Web disconnects all servers after breach (source)
- Windows Server 2025 previews security updates without restarts (source)