Skip to main content

Security updates for critical Microsoft Exchange Server vulnerabilities

 Cyberint National Center specialists recently sent a notification about a ransomware campaign (called " Black Kingdom ") used to exploit MS Exchange's ProxyLogon vulnerabilities for encryption of servers. How does the attack work and what can you do to protect yourself?


The attacker uses these vulnerabilities to run a PowerShell script that downloads the ransomware executable from the " yuuuuu44 [.] Com " domain , then distributes it to other stations on the network. As an operating mode, the ransomware product encrypts files on the infected station using random extensions and creates a ransom text file (called decrypt_file.TxT or ReadMe.txt ) .


To prevent infection with this ransomware, we recommend that you urgently apply the latest updates available  to vulnerable servers, if you haven't already!


Also, as additional protection measures, it is recommended:


use of an antivirus solution for servers

performing a regular backup (daily, weekly) for critical data and information. We recommend that data be saved on offline storage devices (servers, NAS, HDD), in protected locations, and that access be limited.

disable the RDP service on all stations and servers in the network, if it is not used or not necessarily necessary

setting the execution policy for PowerShell scripts in restricted mode .

UPDATE 16.03.2021

The use of the SD-WAN system is, therefore, an upgrade from outdated computer network frameworks of the past as they are detached from traffic management and hardware-based monitoring functions.

Microsoft released a new set of additional guidelines last night to investigate and fix local Exchange Server vulnerabilities.

Labels:

Comments

Post a Comment

Popular posts from this blog

Cloud-based DDoS Protection

Don’t let the DDoS attack interrupt your business operation for reputational and financial loss. Use cloud-based denial of service protection to prevent getting hacked. Denial-of-service attack definition Anyone with bad intentions can hire a hacking service for a targeted attack. Malware tools are accessible, easy to use, and effective. Not just large companies, but cybercriminals are looking for any size vulnerable victims, including personal blogs, e-commerce shops, small to medium businesses. One type of attack is particularly dangerous and increasingly common. It is called distributed denial of service attack, or DDoS for short. In a DDoS attack, a set of compromised, distributed systems –could be servers, home computers, Internet-of-Things devices, anything connected to the internet– is used to overwhelm a targeted system with a flood of requests, to the point in which the attacked system gets saturated enough to refuse to work. Since the flood comes from many scattered...
13 comments
Read more

What are the benefits of purchasing a SaaS model?

 Knowing what SaaS is and deploying this technology in your business will establish quite a differentiator . After all, companies that host their cloud services can increase the degree of efficiency applied to the processes, improving the results obtained.  So, do you want to know the other benefits that this service model provides? Just keep following this post! 1. More accurate software licensing costs Software licensing costs are often among the main factors that contribute to the weight of the IT sector in a company's budget. Therefore, reducing this expense (or making it more precise) is an objective that is part of the daily life of any IT manager. In this sense, SaaS is considered one of the best alternatives on the market. With SaaS, the company pays only for the number of active licenses. This dramatically eliminates spending on software licenses that are not in use. With this, the company can prepare itself in advance in case of projects or major structural changes. ...
8 comments
Read more

What are the English proficiency levels?

 The classification used by language courses - basic, intermediate and advanced - is not exactly related to the levels of English proficiency that are based on the categorization of the European Common Framework or Framework. This guide considers the international standard ranking, which divides the degree of knowledge of the language into: See more:  Amazon Saheli Quiz Answers A1 (beginner) A2 (basic) B1 (intermediate) B2 (post-intermediate) C1 (advanced) C2 (proficient) Before you make any assessment, no matter how much you have prepared for it, pre-tests are recommended to find out where you would be classified if you took the test at that time. If your rating is below B2, in little or nothing a proficiency certificate will help you. Although many foreign universities consider the B1 level sufficient, the classes are already so complex even for those who have a perfect level of understanding of English, imagine for those who do not speak the language. Professionally speakin...
7 comments
Read more