![Microsoft Exchange 0-day attacks HALOCK Reasonable Security Risk](https://www.halock.com/wp-content/uploads/2021/03/Microsoft-Exchange-0-day-attacks-HALOCK-Reasonable-Security-890x380.jpg)
Microsoft Exchange 0-day attacks | |||
DESCRIPTION | |||
A new set of zero-day vulnerabilities have been identified for Microsoft Exchange customers. | |||
IDENTIFY INDICATORS OF COMPROMISE (IOC) | |||
| |||
CONTAINMENT (REQUIRED) | |||
| |||
REMEDIATION | |||
After all threat actor-controlled accounts and identified persistence mechanisms have been identified and removed:
| If you would like to speak with HALOCK concerning this zero-day vulnerability, need assistance with analysis, or would like to further protect you web applications, please reach out to your HALOCK account manager or chat with us online at www.halock.com to schedule a call with one of our security experts. |
![Cyber Data Breach News](https://www.halock.com/wp-content/uploads/2022/05/HALOCK-Org-Data-Breach-Bulletin-150x150.jpg)
HALOCK Breach Bulletins
Recent data breaches to understand common threats and attacks that may impact you – featuring description, indicators of compromise (IoC), containment, and prevention.
References
- https://www.volexity.com/blog/2021/03/02/active-exploitation-of-microsoft-exchange-zero-day-vulnerabilities/
- https://www.microsoft.com/security/blog/2021/03/02/hafnium-targeting-exchange-servers/
- https://msrc-blog.microsoft.com/2021/03/02/multiple-security-updates-released-for-exchange-server/
- https://msrc-blog.microsoft.com/2021/03/05/microsoft-exchange-server-vulnerabilities-mitigations-march-2021/
- https://github.com/microsoft/CSS-Exchange/tree/main/Security
- https://us-cert.cisa.gov/ncas/current-activity/2021/03/03/cisa-issues-emergency-directive-and-alert-microsoft-exchange
- https://cyber.dhs.gov/ed/21-02/