Current Activity

Microsoft IOC Detection Tool for Exchange Server Vulnerabilities

Original release date: March 6, 2021Microsoft has released an updated script that scans Exchange log files for indicators of compromise (IOCs) associated with the vulnerabilities disclosed on March 2, 2021.…

Comments Off

March 6, 2021

Current Activity

Microsoft Releases Alternative Mitigations for Exchange Server Vulnerabilities

Original release date: March 5, 2021Microsoft has released alternative mitigation techniques for Exchange Server customers who are not able to immediately apply updates that address vulnerabilities disclosed on March 2,…

Comments Off

March 6, 2021

Current Activity

Update to Alert on Mitigating Microsoft Exchange Server Vulnerabilities

Original release date: March 4, 2021CISA is aware of threat actors using open source tools to search for vulnerable Microsoft Exchange Servers and advises entities to investigate for signs of…

Comments Off

March 4, 2021

Current Activity

Joint NSA and CISA Guidance on Strengthening Cyber Defense Through Protective DNS

Original release date: March 4, 2021The National Security Agency (NSA) and CISA have released a Joint Cybersecurity Information (CSI) sheet with guidance on selecting a protective Domain Name System (PDNS)…

Comments Off

March 4, 2021

Current Activity

CISA Issues Emergency Directive and Alert on Microsoft Exchange Vulnerabilities

Original release date: March 3, 2021CISA has issued Emergency Directive (ED) 21-02 and Alert AA21-062A addressing critical vulnerabilities in Microsoft Exchange products. Successful exploitation of these vulnerabilities allows an attacker…

Comments Off

March 3, 2021

Current Activity

Microsoft Releases Out-of-Band Security Updates for Exchange Server

Original release date: March 2, 2021Microsoft has released out-of-band security updates to address vulnerabilities affecting Microsoft Exchange Server 2013, 2016, and 2019. A remote attacker can exploit three remote code…

Comments Off

March 3, 2021

Current Activity

NSA Releases Guidance on Zero Trust Security Model

Original release date: February 26, 2021The National Security Agency (NSA) has released Cybersecurity Information Sheet: Embracing a Zero Trust Security Model, which provides information about, and recommendations for, implementing Zero…

Comments Off

February 26, 2021

Current Activity

Cisco Releases Security Updates 

Original release date: February 25, 2021Cisco has released security updates to address vulnerabilities in Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected…

Comments Off

February 26, 2021

Current Activity

Mozilla Releases Security Updates for Thunderbird, Firefox ESR, and Firefox

Original release date: February 24, 2021Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit these vulnerabilities to take control of an affected…

Comments Off

February 24, 2021

Current Activity

VMware Releases Multiple Security Updates

Original release date: February 24, 2021VMware has released security updates to address multiple vulnerabilities—CVE-2021-21972, CVE-2021-21973, CVE-2021-21974—in ESXi, vCenter Server, and Cloud Foundation. A remote attacker could exploit some of these vulnerabilities…

Comments Off

February 24, 2021