Security News > 2021 > March > CISA: No federal civilian agency hacked in Exchange attacks, so far
CISA officials said that, so far, there is no evidence of US federal civilian agencies compromised during ongoing attacks targeting Microsoft Exchange servers.
"At this point in time, there are no federal civilian agencies that are confirmed to be compromised by this campaign," Eric Goldstein, CISA executive assistant director for cybersecurity, said in a testimony before the Homeland Security Subcommittee.
"We have seen outstanding responses to that directive and now the vast majority of Microsoft Exchange Servers have been mitigated across the federal civilian executive branch."
CISA is in the "Early days of the investigation of exploitation of Microsoft Exchange servers," according to Goldstein, and is still analyzing forensic results provided by individual agencies.
These indiscriminate attacks currently target organizations from multiple industry sectors worldwide, attempting to steal sensitive information from unpatched and Internet-exposed on-premises Exchange servers.
The Dutch Institute for Vulnerability Disclosure said Tuesday that it found 46,000 Exchange servers unpatched against the heavily abused ProxyLogon vulnerabilities after scanning 250,000 Exchange servers worldwide.
News URL
Related news
- CISA warns critical SolarWinds RCE bug is exploited in attacks (source)
- CISA warns of Jenkins RCE bug exploited in ransomware attacks (source)
- CISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks (source)
- CISA warns of Windows flaw used in infostealer malware attacks (source)
- Ivanti vTM auth bypass flaw exploited in attacks, CISA warns (CVE-2024-7593) (source)