Multiple Nation-state Groups Are Hacking Microsoft Exchange Servers – Awareness Expert Reaction

By   ISBuzz Team
Writer , Information Security Buzz | Mar 10, 2020 03:03 am PST

It was recently reported that government-backed groups are exploiting CVE-2020-0688 to take over Exchange email servers. The exploitation attempts were first spotted by UK cyber-security firm Volexity on Friday and confirmed today to ZDNet by a source in the DOD.

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Javvad Malik
Javvad Malik , Security Awareness Advocate
March 10, 2020 11:05 am

After social engineering, taking advantage of unpatched public-facing systems is one of the major root causes through which attackers get into organisations. It\’s not uncommon for organised criminals and nation-state actors to keep an eye on newly released patches and take advantage of the vulnerabilities before organisations have a chance to fix them. In the first instance organisations should look to apply patches, but this isn\’t always practical or feasible, so in the interim, they should consider alternative compensating controls including additional monitoring and threat detection.

Last edited 3 years ago by Javvad Malik

Recent Posts

Would love your thoughts, please comment.x