06/14/2021 | News release | Distributed by Public on 06/12/2021 18:24
On March 2nd, the Microsoft® Security Response Center (MSRC) issued a security advisory announcing four Exchange Server vulnerabilities being actively exploited by the threat group known as HAFNIUM. Within five minutes of the news going public, cybercriminals began intensively scanning the web for servers to exploit.
In the week that followed, tens of thousands of cloud-facing Microsoft Exchange servers were compromised. On April 13th, a scant six weeks later, Microsoft disclosed four additional Exchange Server vulnerabilities and released security updates for the affected systems.
These events in no way reflect poorly on Microsoft. The company has shown admirable speed and transparency in disclosing and patching vulnerabilities. No company, especially one that produces millions of lines of code each year, can ensure that every line will be bulletproof. Clever adversaries will always find a way in or a vulnerability to exploit.
Even today, however, many organizations are still unsure if they were victimized by HAFNIUM, whether their remediation efforts were successful, and what they can do to avoid similar attacks in the future. BlackBerry addresses these concerns and more in an on-demand roundtable discussion featuring Nigel Thompson, VP of Product Marketing, Rich Thompson, VP of Solutions Strategy, and Tony Lee, VP of Global Services Technical Operations.
Don't miss this essential security briefing.
We also invite you to learn more about the HAFNIUM attacks by viewing a related special two-part, on-demand Hacking Exposed presentation by Brian Robison, BlackBerry Chief Evangelist and Senior Director of Product Marketing.
In Part One, Brian deconstructs:
In Part Two, Brian moves into the lab to demonstrate two different ways to exploit these vulnerabilities.
Don't miss this essential Hacking Exposed security briefing!