Varonis announces strategic partnership with Microsoft to accelerate the secure adoption of Copilot.

Learn more
Blog Data Security

Threat Update 29 – Exchange Vulnerability Detection Tips & Tools

Many organizations are still dealing with the mass exploitation of on-prem Exchange servers from four Zero-Day vulnerabilities. Teams are struggling to identify and patch all of their affected servers, and...
Kilian Englert
1 min read
Last updated October 22, 2021

Contents

    Many organizations are still dealing with the mass exploitation of on-prem Exchange servers from four Zero-Day vulnerabilities. Teams are struggling to identify and patch all of their affected servers, and figure out if or to what extent their organizations were compromised.

    Join Kilian Englert and Ryan O’Boyle from the Varonis Incident Response Team as they take a deep dive into some of the tools and scripts to identify Exchange vulnerabilities, and discuss some of the ways to look for signs of compromise.

    Articles and resources referenced in this episode:

    Threat Update – Mass Exploitation of On-Prem Exchange Servers 

    Security Scripts on GitHub

    GossiTheDog code on GitHub

    👉Varonis held a session taking an in-depth look into defending against the attack. Register to see the replay.

    👋To learn how else we can help, please visit us at: https://www.varonis.com/help/

    What you should do now

    Below are three ways we can help you begin your journey to reducing data risk at your company:

    1. Schedule a demo session with us, where we can show you around, answer your questions, and help you see if Varonis is right for you.
    2. Download our free report and learn the risks associated with SaaS data exposure.
    3. Share this blog post with someone you know who'd enjoy reading it. Share it with them via email, LinkedIn, Reddit, or Facebook.
    Kilian Englert
    Kilian Englert Kilian has a background in enterprise security engineering, as well as security solution selling. Kilian is a Certified Information Systems Security Professional (CISSP) and creates internal and public content on topics related to cybersecurity and technology best practices.

    Try Varonis free.

    Get a detailed data risk report based on your company’s data.
    Deploys in minutes.
    Get started View sample

    Keep reading

    Varonis tackles hundreds of use cases, making it the ultimate platform to stop data breaches and ensure compliance.

    exchange-journaling-and-diagnostics:-how-to
    Exchange Journaling and Diagnostics: How to
    exchange-journaling-and-diagnostics:-how-to
    Rob Sobers
    May 3, 2012
    Journaling and Diagnostics Logging are services to monitor and audit activity on Microsoft Exchange servers. They provide basic auditing functionality for email activity (e.g. who sent which message to whom)...
    threat-update---mass-exploitation-of-on-prem-exchange-servers
    Threat Update - Mass Exploitation of On-Prem Exchange Servers
    threat-update---mass-exploitation-of-on-prem-exchange-servers
    Snir Ben Shimol
    March 4, 2021
    On March 2nd, Microsoft released an urgent software update to patch 4 critical vulnerabilities in Exchange Server 2010, 2013, 2016, and 2019. Our IR and Forensics teams are actively helping organizations patch,...
    threat-update-32---lemon-duck-floats-on-exchange-proxylogon-vulnerability
    Threat Update 32 - Lemon Duck Floats on Exchange ProxyLogon Vulnerability
    threat-update-32---lemon-duck-floats-on-exchange-proxylogon-vulnerability
    Kilian Englert
    April 1, 2021
    Hear how the Lemon Duck cryptomining botnet targets Exchange servers vulnerable to ProxyLogon.
    what-is-human-generated-data?
    What is Human Generated Data?
    what-is-human-generated-data?
    Rob Sobers
    September 30, 2013
    Unlike business application data, like a billing database or CRM system, or machine-generated data, such as the log files that servers generate, human-generated data is comprised of the emails, Word...