Microsoft Exchange Server Hack
Microsoft reported four critical vulnerabilities in its Exchange Server systems, which adversaries could exploit for various other cyberattacks. We’ve heard reports that many have fallen victims already, from private institutions to government agencies and service organizations even after the patch was made available. Though the maker has released patches for securing these vulnerabilities, about half of the Exchange Server found online are yet to apply them, according to F-Secure, a cybersecurity firm. The rate at which they’re exploiting the flawed severs is rapid, with F-Secure saying, “They’re being hacked faster than we can count.” Antti Laatikainen, the senior security consultant at F-Secure, said, “Tens of thousands of servers have been hacked around the world. They’re being hacked faster than we can count. Globally, this is a disaster in the making.” It’s surely is, as hackers breaching the servers can steal the sensitive data and make backdoors for later use. This is to install ransomware malware and encrypt the systems all at once, thus stopping this business. While it’s warned that the longer the businesses take to patch, the riskier businesses that have applied the update (patch) may not be safe. Researchers say that there’s no guarantee that businesses haven’t fallen victim to this incident even after patching. This is because hackers may have already set in a back door even before they applied the patch and were undetectable. Thus, it’s suggested that businesses, even after applying the patch, should scan their networks for suspicious actions and block the connections over port 443. Also, the server should be configured to be accessed remotely via a VPN.
