Microsoft Data Breach: Quick Answers Remain Crucial for Companies

18. March 2021

The attack on Microsoft Exchange Server is still classified as business-critical by the Federal Office for Information Security  (see German security warning) and is still causing great uncertainty among companies. Meanwhile, additional hacker groups are focusing on the vulnerability which means that attack methods continue to vary and the threat situation is becoming increasingly complex.

There are security updates to fix the vulnerability. However, how do companies get information about their threat situation?

Of course, system administrators should immediately install the security updates provided by Microsoft. It is important though to conduct further security checks. This is the only way to learn whether hackers have already been active. If your IT systems were already compromised before the updates were applied, attackers can also gain access in the future through built-in backdoors or further extend their attack. Therefore, you should immediately check the following:

  • Are your systems affected by the vulnerability?
  • Has the vulnerability already been exploited on your systems and have any traces been covered up?
  • Are attackers currently active in your systems?
  • Have backdoors or remote shells been installed on your servers?

Act quickly – We are here for you

We provide you with quick answers by performing a THOR forensic scan. This pragmatic process approach identifies the vulnerability, shows whether it has already been exploited and indicates if hackers have created backdoors. You quickly gain clarity and can act accordingly. An extensive IT forensic investigation only makes sense in cases of a well-founded suspicion.

Contact us, we are happy to help you.

Also interesting:

SWIFT CSCFv2025 - The Three Most Important Questions About the Update

SWIFT CSCFv2025 - The Three Most Important Questions About the Update

Users of the SWIFT network are required to demonstrate compliance with the mandatory security controls through an annual independent audit in accordance with the Customer Security Control Framework (CSCF). As part of this SWIFT Assessment, the security of an...

From Unicode to Exploit: The Security Risks of Overlong UTF-8 Encodings

From Unicode to Exploit: The Security Risks of Overlong UTF-8 Encodings

In the dynamic field of cybersecurity, it is often the obscure and long-forgotten vulnerabilities that pose a hidden threat to otherwise hardened systems. One such vulnerability lies in invalid character encodings that violate the UTF-8 standard. While overlong UTF-8...

Categories

Categories