back to article No sign of Exchange-related ransomware hitting UK orgs, claims NCSC as it urges admins to scan for compromises

The UK's National Cyber Security Centre has reminded Brits to patch their Microsoft Exchange Server deployments against Hafnium attacks, 10 days after the US and wider infosec industry shouted the house down saying the same thing. The agency told press on Friday afternoon that it had proactively helped UK organisations fix …

  1. Ken Moorhouse Silver badge

    Microsoft Safety Scanner, a Redmond malware seek-and-destroy tool.

    Operating Systems currently in use will be removed when your pc is restarted.

    Restart Now?

    Ok Later

  2. Anonymous Coward

    They spoke too soon

    "Microsoft Security Intelligence @MsftSecIntel

    We have detected and are now blocking a new family of ransomware being used after an initial compromise of unpatched on-premises Exchange Servers. Microsoft protects against this threat known as Ransom:Win32/DoejoCrypt.A, and also as DearCry.

    11:53 PM · Mar 11, 2021·Twitter Web App"

  3. Danny 14

    Problem is, people are patching but not checking for existing webshells or markers in logs.

  4. TimMaher Silver badge

    Redmond malware seek-and-destroy tool.

    That will be Windows 10 then.

  5. Anonymous Coward
    Anonymous Coward

    No sign or

    No realisation?

    Or no admission?

  6. Anonymous Coward
    Anonymous Coward

    Don't you just love it when the spooks are dishing out advice.......

    ,,,,,about security?


    They have a 24/7 job of EXPLOITING defects in OTHER PEOPLE'S systems, and then get all helpful when it suits them!!!!






    Sorry that the examples are fairly old......but this article plus these links do make the point!

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like