Cyber Security Strategy: Compromise of MS Exchange Server

Sunday 2 May 2021

Compromise of MS Exchange Server - MITRE ATT&CK Framework

Microsoft Exchange Server Remote Code Execution Vulnerability. CVE-2021-26857

Joint FBI-CISA Cybersecurity Advisory AA21-069A: Compromise of Microsoft Exchange Server

On March 2, 2021, Microsoft released out-of-band security updates to address vulnerabilities affecting Microsoft Exchange Server products.
On March 3, 2021, after CISA and partners observed active exploitation of vulnerabilities, CISA issued Emergency Directive 21-02: Mitigate Microsoft Exchange On-Premises Product Vulnerabilities and Alert AA21-062A: Mitigate Microsoft Exchange Server Vulnerabilities.
On March 31, 2021, CISA issued ED 21-02 Supplemental Direction V1, which directs federal departments and agencies to run newly developed tools—Microsoft’s Test-ProxyLogon.ps1 scriptand Safety Scanner MSERTto investigate whether their Microsoft Exchange Servers have been compromised.
On April 13, 2021, CISA issued ED 21-02 Supplemental Direction V2, which directs federal departments and agencies to apply Microsoft's April 2021 Security Updatethat newly discloses and mitigates significant vulnerabilities affecting on-premises Exchange Server 2013, 2016, and 2019.

Rajdeep's Profile

Rajdeep has around 17 years of rich experience as a Cyber Security Program Leader working on high visibility programs such as Red Teaming, Advance Penetration Testing, Threat Hunting, Threat Intelligence, Social Engineering, Threat & Vulnerability Mitigation, Malware Analysis, Secure SDLC, Application Security etc. Some of his eminence activities include:

- Winner of Global Cyberlympics, Middle East and India Regional Championship (a UNO and EC-Council initiative - October 2011); Joint 3rd place winner at Global Cyberlympics finals, held at Virginia, USA

- Microsoft Most Valuable Professional (MVP) - Consumer Security (2009, 2010, 2011, 2012)

LinkedIn Profile

Malware Analysis Group