Lastly, CISA is calling upon all agencies to harden the defences of their on-premises Microsoft Exchange servers by 12:00pm EDT on Monday, June 28 2021. The script analyses Exchange and IIS logs, indicating potential attacker activity.Īgain, CISA is requesting that reports from the script be shared with them.
In addition, and by the same April 5 deadline, agencies are being told to download and run Microsoft's Test-ProxyLogon.ps1 script. In an updated directive, CISA has directed federal departments and agencies to download and run the latest version of Microsoft's scanning tool (known as MSERT).Īgencies have also been told that every week, for four weeks after the first scan, the latest version of MSERT should be downloaded and run again, and any findings that indicate compromise must be reported to CISA.īecause a full scan with MSERT can take several hours and be a drag on server resources, agencies are advised to run the tool during off-peak hours.
CISA, the US Department of Homeland Security's Cybersecurity and Infrastructure Security Agency, has told federal agencies that they have until 12:00pm EDT on Monday April 5 to scan their networks for evidence of intrusion by malicious actors, and report back the results.ĬISA is ordering agencies with on-premises Microsoft Exchange servers to urgently conduct the scans following widespread exploitation of vulnerabilities, in fear that some compromises may have remained undetected.
0 kommentar(er)
