Exchange flaws could be much worse than thought: Six hacking groups suspected of using the zero days pre-patch It's looking like the exploitation of critical Exchange flaws that Microsoft revealed at the start of the month could be much worse than folks first suspected. An analysis by Slovak security shop ESET claims that six advanced criminal hacking groups, thought to have some level of state sponsorship, used the zero days to attack …
Easy access and performance have been the top priorities for years, security has always been just a "feature" - remember the old days when if you were driving around after an evening in the pub and it was never a problem unless you ran off the road a few times? Nowadays driving around is a security issue and doing it drunk is a crime, moving the driving world view into the Internet will not be easy but security needs to be a high priority - look at what's happening everywhere ... if it's connected to the Internet then it's at constant risk of getting hacked these days.
If we don't change the Internet then we'll keep getting hacked (see icon).
So, I have a question about this here Exchange Vuln....
The Co I used to work for had exchange, but INTERNAL only. Only active sync was exposed via a reverse proxy. Probably not that uncommon.
The question I need to ask is: Is it because they HAVE exposed their Exchange servers to the internet are they being hacked, in which case.... Imbeciles, or is there something a little more clever going on?
The exploit only works if you have OWA ETC exposed directly to the internet.
If you simply said "uh, no" and stuck the entire thing behind a VPN leaving nothing but ports 21/587 exposed then you remain impervious to this entire threat class.
The biggest surprise is that over fifty thousand exchange servers were compromised like this, and thus directly addressable on the internet.
"I need to do X. This thing does X. Any other considerations will require I do more work."
Actually, this explains not only your second question, but probably your first as well. "Hmm, I need to store this data somewhere. Let's see what I can find with a single StackExchange search. Ah, a set of instructions for dumping data into an S3 bucket using a hard-coded key."
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
