146 total views
To mitigate these risks, FPT.EagleEye is one of the few SOC solutions that is interested and appreciated, especially after the Zeroday vulnerability event on the Microsoft Exchange On Premise system recently.
Overview of zeroday vulnerabilities and updates from Microsoft
In early March 2021, Microsoft released a security update to fix 7 zeroday bugs for Microsoft Exchange Server On Premise versions 2010, 2013, 2016 and 2019. Among them, a vulnerability was rated at a high CVSS. 9.1 allows hackers to run code remotely and four vulnerabilities are being exploited to create a complete chain of attacks. Accordingly, the attacker group access to the Exchange Server hijack the email, install additional remote control software to steal user data. As of March 2021, more than 92,607 servers around the world were affected, including Vietnam.
There are 92,607 servers worldwide that are affected by zeroday errors of Microsoft Exchange Server according to research from FPT IS.
Three steps to take to update security for Microsoft Exchange Server to ensure safe and secure information for organizations and businesses
To enhance information system security against these vulnerabilities, FPT Cyber Security Center (FPT IS) promptly notified and deployed necessary solutions before March 5, 2021. At the same time, FPT IS also cooperated with Microsoft Vietnam to organize Webinar: Stay Safe with Latest Exchange Server Patch & FPT Security Solution for customers using Microsoft Exchange Server On Premise system.
Webinar: Stay Safe with Latest Exchange Server Patch & FPT Security Solution co-organized by FPT IS and Microsoft Vietnam on March 12.
At the event, security experts assessed the severity of the vulnerabilities; guide organizations and enterprises to fix zeroday vulnerabilities according to the following steps:
Step 1: Update patch from Microsoft and follow for other updates
The first three steps should be taken as follows:
– Evaluate updated Inventory Update Level to update Exchange Server Security Patch
– Schedule updates according to priority of Exchange Servers connecting to the Internet first to avoid being affected directly.
– Manage changes to ensure the stable IT system.
Step 2: Scan and trace the Exchange Server system of the organization or enterprise
In case the server has been hacked, immediately the security team needs to create a checklist to check the entire system, perform an IOC scan (a sign of compromise of attacks) on the entire Exchange Server and other peer-to-peer server.
Step 3: Conduct a daily review and consult with experts
When troubleshooting, daily password reset as well as setting up high security passwords are also recommended to prolong the problem response time for businesses.
Organizations and businesses can find security experts and reputable security solution providers to provide long-term response scenarios and effective monitoring.
To review the webinar and refer to the event documentation, register at: http://bit.ly/3lhTkMV
Ensuring the security and safety of information for businesses, eliminating the risks in the future
Building signs to identify attacks, exploit vulnerabilities and deploy maneuvers of troubleshooting scenarios is one of the prerequisites for organizations and businesses to actively protect the system. , ensure data integrity. With the FPT.EagleEye solution, including FPT.EagleEye mSOC and FPT.EagleEye MDR, the enterprise will be monitored for the entire operation of the system; intrusion control, timely detecting and handling threats in a short time, safely and effectively.
FPT.EagleEye mSOC focuses on monitoring, detecting and handling information security incidents 24/7 for comprehensive control and prevention of network attacks. Typically, after 2 months of deploying the FPT.EagleEye mSOC service, the number of a bank’s warning has decreased from 5,000 alerts / day to 400 / day and reduced the number of tickets to be processed by 80% in the month.
FPT IS Cyber Security Center.
Possessing a team of experienced experts and implementing many projects for large enterprises, financial institutions and banks in Vietnam, FPT Cyber Security Center is proud to be a partner in providing security surveillance services. information safety, quality, efficiency, helping organizations and businesses to dismiss concerns about attacks and intrusions, operate with peace of mind, ensure solid development.
To learn about FPT IS security solutions, visit: https://www.fpt-is.com/security/
#FPT #experts #recommend #security #updates #Zeroday #vulnerabilities