
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Experts Insight On US Pipeline Shut After Cyberattack
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics
<p>While most IT teams are accustomed to regular patch updates and patch cycles, the current set of Microsoft Exchange Server updates include another important step – checking for signs of compromise. The four Exchange Server vulnerabilities contained in this month’s patch update are being actively exploited to form part of a cyber kill chain. This kill chain allows attackers to leave behind web shells that can then be used to further their attack. Since a web shell is nothing more than a piece of malicious code that looks like a web interface and behaves like one, hiding malicious traffic flowing from one web interface is easy to accomplish on production servers like Microsoft Exchange. Of course, since the attackers define the rules of their engagement, what that web shell does is up to them. That means they could try anything from siphoning data from the server to using the server resources to run cryptomining software. In the case of these Exchange Server patches, simply patching the Exchange Server isn’t sufficient as if there are signs of compromise, you’ll need to trigger your incident response plan and perform some forensic analysis to determine the extent of any damage done.</p>