The European Banking Authority (EBA) has been the subject of a cyber-attack against its Microsoft Exchange Servers, which is affecting many organizations worldwide. EBA is part of the European System of Financial Guidance and it manages the stability organized performance of the EU banking sector. On March 7 th, the European Banking Authority (EBA) released an official statement saying it has removed all e-mail systems after their Microsoft Exchange Servers were hacked as part of the continuous attacks. National Security Council March 6, 2021 It is essential that any organization with a vulnerable server take immediate measures to determine if they were already targeted. Patching and mitigation is not remediation if the servers have already been compromised. The attack affected thousands of on-premises email customers, small businesses, enterprises, and government organizations around the world.
(I am not affiliated, associated, authorized, endorsed by, or in any way officially connected with this solution)Īn excellent compilation of events since the discovery of this vulnerability.The US is showing serious concern over a cyberattack on Microsoft’s Exchange email software that the tech company has blamed on China. A very interesting analysis of attacking behavior based on log entries and W3WP memory dumps.(In German)įrank Carius always produces great content, this time is sharing a very complete review of the vulnerability, also with a recommended workflow to follow. This tool was updated to detect web shells that could have been left by attackers, not enough, but a must-run tool.
Not only contains a script that you must execute to understand if your Exchange logs show suspicious entries (Suspicious activity found in % log!), EVEN IF YOU APPLIED THE PATCHES, but also a mitigation script to apply if for some reason you are unable to install the Security Patches.
0 kommentar(er)
