Patch management | SC Media

Patch management

CISA encourages everyone to follow updated guidance for Microsoft Exchange fixes

The Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday issued a supplemental direction to Emergency Directive (ED) 21-02, which lays out hardening, forensic triage and reporting requirements designed to mitigate vulnerabilities found in the wake of the massive Microsoft Exchange vulnerability hacks that have affected tens of thousands of organizations. The update directs federal departments…

Ransomware may be targeting Microsoft’s Hafnium Exchange Server vulnerabilities

Microsoft confirmed “a new family of ransomware being used after an initial compromise of unpatched on-premises Exchange Servers,” via its Security Intelligence Twitter account. The ransomware, called DoejoCrypt or DearCry, appears to be the latest threat associated with not patching the Hafnium Exchange Server vulnerabilities Microsoft first announced last week. DoejoCrypt was first noticed on…

Next post in Vulnerabilities