fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

CISA Gives Federal Agencies 5 Days To Find Hacked Exchange Servers

CISA Gives Federal Agencies 5 Days To Find Hacked Exchange Servers

The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to scan their networks again for any signs of compromised on-premises Microsoft Exchange servers and report their findings within five days.

CISA issued another directive ordering federal agencies to urgently update or disconnect their Exchange on-premises servers after Microsoft released security updates for zero-day bugs collectively dubbed ProxyLogon.

Earlier this month, CISA officials said that, so far, no US federal civilian agencies were compromised in ongoing attacks targeting vulnerable Exchange servers.

The newly issued emergency directive provides federal civilian executive branch agencies with additional forensic triage and server hardening requirements.

“Specifically, this update directs federal departments and agencies to run newly developed tools —Microsoft’s Test-ProxyLogon.ps1 script and Safety Scanner MSERT—to investigate whether their Microsoft Exchange Servers have been compromised,” the CISA said.

Also Read: Compliance Course Singapore: Spotlight On The 3 Offerings

Microsoft Exchange supplemental guidance

The federal agencies are required to use tools developed by Microsoft to help organizations investigate if their Exchange servers have been compromised in ProxyLogon attacks:

  • By 12:00 PM EDT on Monday, April 5, 2021, download and run the current version of Microsoft Safety Scanner (MSERT) in Full Scan mode and report results to CISA using the provided reporting template.
  • By 12:00 PM EDT on Monday, April 5, 2021, download and run the Test-ProxyLogon.ps1 script as an administrator to analyze Exchange and IIS logs and discover potential attacker activity. Report results to CISA using the provided reporting template.

CISA also asked agencies that find any evidence of compromise using Microsoft’s new tools to immediately report it “as an incident.”

The emergency directive also requires that all agencies further harden their on-premises Exchange servers by 12:00 PM EDT on Monday, June 28, 2021.

Required hardening measures include provisioning firewalls, installing updates within 48 hours after they’re released, using only supported software versions, configuring logging and storing logs off-site for at least 6 months, and installing anti-malware on all on-premises servers.

“Although the Emergency Directive only applies to Federal Civilian Executive Branch agencies, CISA encourages state and local governments, critical infrastructure entities, and other private sector organizations to review the supplemental direction [..] for additional information,” CISA added.

Also Read: Considering Enterprise Risk Management Certification Singapore? Here Are 7 Best Outcomes

Ongoing attacks targeting Exchange servers

Microsoft disclosed ongoing attacks coordinated by several Chinese-backed hacking groups targeting the vulnerabilities.

Slovak internet security firm ESET also shared info on at least ten more hacking groups actively abusing these bugs.

Attackers target orgs from multiple industry sectors worldwide, stealing sensitive information, deploying cryptomining malware or ransomware [12] on on-premises Exchange servers.

From over 400,000 vulnerable servers impacted by the ProxyLogon flaws on March 2 when Microsoft disclosed the bugs, there are now under 30,000 still exposed to attacks after 92% of them were patched within a month.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us