Security News > 2021 > March > Week in review: Attacks on Exchange servers escalate, the influence of the Agile Manifesto, O365 phishing

Ongoing Office 365-themed phishing campaign targets executives, assistants, financial departmentsA sophisticated and highly targeted Microsoft Office 365 phishing campaign is being aimed at C-suite executives, executive assistants and financial departments across numerous industries.

As attacks on Exchange servers escalate, Microsoft investigates potential PoC exploit leakMicrosoft Exchange servers around the world are still getting compromised via the ProxyLogon and three other vulnerabilities patched by Microsoft in early March.

Automatically mitigate ProxyLogon, detect IoCs associated with SolarWinds attackers' activitiesMicrosoft has updated its Defender Antivirus to mitigate the ProxyLogon flaw on vulnerable Exchange Servers automatically, while the Cybersecurity and Infrastructure Security Agency has released CHIRP, a forensic tool that can help defenders find IoCs associated with the SolarWinds attackers' activities.

Why is financial cyber risk quantification important?Why are executives pressuring CISOs to start financially quantifying cyber risk for their business? This process allows CISOs to identify and rank risk scenarios that are most critical to their enterprise, based on factors such as which attacks would have the biggest financial impact, and how equipped the company is to defend itself against any given attack.

DDoS attacks surge as cybercriminals take advantage of the pandemicDDoS attacks reached a record high during the pandemic as cybercriminals launched new and increasingly complex attacks, a Link11 report reveals.

The influence of the Agile Manifesto, 20 years onIn the years since the Manifesto was first published, Agile has been adopted by domains outside of software development, including hardware systems, infrastructure, operations, and even business support to name a few.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/EWlrY3pM128/