Microsoft Data Breach: Quick Answers Remain Crucial for Companies

18. March 2021

The attack on Microsoft Exchange Server is still classified as business-critical by the Federal Office for Information Security  (see German security warning) and is still causing great uncertainty among companies. Meanwhile, additional hacker groups are focusing on the vulnerability which means that attack methods continue to vary and the threat situation is becoming increasingly complex.

There are security updates to fix the vulnerability. However, how do companies get information about their threat situation?

Of course, system administrators should immediately install the security updates provided by Microsoft. It is important though to conduct further security checks. This is the only way to learn whether hackers have already been active. If your IT systems were already compromised before the updates were applied, attackers can also gain access in the future through built-in backdoors or further extend their attack. Therefore, you should immediately check the following:

  • Are your systems affected by the vulnerability?
  • Has the vulnerability already been exploited on your systems and have any traces been covered up?
  • Are attackers currently active in your systems?
  • Have backdoors or remote shells been installed on your servers?

Act quickly – We are here for you

We provide you with quick answers by performing a THOR forensic scan. This pragmatic process approach identifies the vulnerability, shows whether it has already been exploited and indicates if hackers have created backdoors. You quickly gain clarity and can act accordingly. An extensive IT forensic investigation only makes sense in cases of a well-founded suspicion.

Contact us, we are happy to help you.

Also interesting:

usd PCI Best Practice Workshop 2021

usd PCI Best Practice Workshop 2021

For many years, the usd PCI Best Practice Workshop has brought together responsible PCI personnel from companies of all sizes and from all industries to discuss current topics from the world of payment card industry together with PCI experts from usd. The interactive...

3 Reasons for a Cloud Security Audit

3 Reasons for a Cloud Security Audit

Outsourcing applications and data to the cloud brings significant benefits for companies, but at the same time also new challenges for the corresponding IT departments. The technologies and processes of a cloud environment differ from those of local data centers....

usd HeroLab Top 5 Vulnerabilities 2020: SMB 1.0 & SMB Signing

usd HeroLab Top 5 Vulnerabilities 2020: SMB 1.0 & SMB Signing

During penetration tests our security analysts repeatedly uncover gateways in IT systems and applications that pose significant risks to corporate security. They increasingly identify the same vulnerabilities in different IT assets, some of which have been known for...

Categories

Categories