Menu
CERT NZ finds hundreds of local Exchange servers vulnerable to attack

CERT NZ finds hundreds of local Exchange servers vulnerable to attack

CERT NZ strongly recommended Exchange users immediately apply the latest security updates.

Credit: Rob O'Neill

Cyber security agency CERT NZ identified almost 500 vulnerable Microsoft Exchange email servers and over 100 compromised email servers in the first quarter of 2021. 

Most of the compromised mail servers belonged to small businesses, with a number of large organisations also affected.

A global wave of cyber attacks and breaches began in January after four zero-day exploits were discovered in on premises Exchange servers, 

CERT NZ also received reports about attackers exploiting the vulnerabilities, its latest report said.

"The attackers exploited four newly discovered Microsoft Exchange vulnerabilities to gain access to the Microsoft Exchange server," CERT NZ reported today.

The attackers begin by scanning for vulnerable targets on the internet. They then send a malicious request to the server to gain unauthenticated access. 

"Once they have access, they deploy a web shell (backdoor) that allows the attackers to steal data, view emails on the server as well as send emails and carry out further malicious activity like ransomware, phishing and invoice scams."

In response, CERT NZ issued an advisory alerting New Zealanders to the issue and included steps to prevent and mitigate possible attacks.

CERT NZ also contacted internet service providers (ISPs) with information on vulnerable and compromised IP addresses, and provided resources they could forward to the affected individuals and businesses.

CERT NZ strongly recommended Exchange users immediately apply the latest security updates for both Exchange and antimalware systems, including Microsoft’s One-click Microsoft Exchange on-premises mitigation tool and scanning tool.

Users should also change any passwords related to their Microsoft Exchange servers.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags Microsoft exchangeCERT NZcyber security

Events

Featured

Slideshows

Channel kicks 2021 into gear as After Hours returns to Auckland

Channel kicks 2021 into gear as After Hours returns to Auckland

After Hours made a welcome return to the channel social calendar with a bumper crowd of partners, distributors and vendors descending on The Pantry at Park Hyatt in Auckland to kick-start 2021.

Channel kicks 2021 into gear as After Hours returns to Auckland
The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards

The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards

Hundreds of leaders from the New Zealand IT industry gathered at the Hilton in Auckland on 17 November to celebrate the finest female talent in the Kiwi channel and recognise the winners of the Reseller News Women in ICT Awards (WIICTA) 2020.

The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards
Show Comments