ISPs/NSPs with customers running self hosted or on-premises Exchange may want to be aware of this. https://krebsonsecurity.com/2021/03/at-least-30000-u-s-organizations-newly-h... https://www.microsoft.com/security/blog/2021/03/02/hafnium-targeting-exchang...
On Fri, Mar 5, 2021 at 4:26 PM Eric Kuhnke <eric.kuhnke@gmail.com> wrote:
ISPs/NSPs with customers running self hosted or on-premises Exchange may want to be aware of this.
https://krebsonsecurity.com/2021/03/at-least-30000-u-s-organizations-newly-h...
https://www.microsoft.com/security/blog/2021/03/02/hafnium-targeting-exchang...
Yes, and CISA released an alert and an emergency directive. https://us-cert.cisa.gov/ncas/current-activity/2021/03/03/cisa-issues-emerge...
Here is a blog covering some more in depth details. https://www.huntress.com/blog/rapid-response-mass-exploitation-of-on-prem-ex... Thank you, Kevin McCormick From: NANOG <nanog-bounces+kmccormick=mdtc.net@nanog.org> On Behalf Of Scott Morizot Sent: Friday, March 5, 2021 5:02 PM To: Eric Kuhnke <eric.kuhnke@gmail.com> Cc: nanog@nanog.org list <nanog@nanog.org> Subject: Re: Microsoft Exchange zero day On Fri, Mar 5, 2021 at 4:26 PM Eric Kuhnke <eric.kuhnke@gmail.com<mailto:eric.kuhnke@gmail.com>> wrote: ISPs/NSPs with customers running self hosted or on-premises Exchange may want to be aware of this. https://krebsonsecurity.com/2021/03/at-least-30000-u-s-organizations-newly-h... https://www.microsoft.com/security/blog/2021/03/02/hafnium-targeting-exchang... Yes, and CISA released an alert and an emergency directive. https://us-cert.cisa.gov/ncas/current-activity/2021/03/03/cisa-issues-emerge...
participants (3)
-
Eric Kuhnke
-
Kevin McCormick
-
Scott Morizot