Attacks that leverage Microsoft Exchange vulnerabilities "have escalated," warns CNN. They cite a senior White House official saying the window for updating exposed servers is incredibly short -- "measured in hours, not days."
Why are we hearing this from a "senior White House official" and not Microsoft?
1. Signs point to this attack being launched and leveraged by nation state actor. I.e. It's State sponsored cyberwarfare. That's why the White House is involved.
2. It's weird for the White House to speak about a cybersecurity issue. CNN is reporting on it because it's weird and widespread. I recall similar reporting for e.g. Code Red, Nimda, and Slammer*.
* I just realized that was 18 years ago. Holy crap I'm old.
Back to the topic at hand, Microsoft's official guidance is to patch your servers and look for indicators of compromise. https://www.microsoft.com/secu... [microsoft.com]
Weird chain of notification (Score:4, Interesting)
Attacks that leverage Microsoft Exchange vulnerabilities "have escalated," warns CNN. They cite a senior White House official saying the window for updating exposed servers is incredibly short -- "measured in hours, not days."
Why are we hearing this from a "senior White House official" and not Microsoft?
And why is this from CNN?
Very odd.
Re:Weird chain of notification (Score:2)
There are a few reasons.
1. Signs point to this attack being launched and leveraged by nation state actor. I.e. It's State sponsored cyberwarfare. That's why the White House is involved.
2. It's weird for the White House to speak about a cybersecurity issue. CNN is reporting on it because it's weird and widespread. I recall similar reporting for e.g. Code Red, Nimda, and Slammer*.
* I just realized that was 18 years ago. Holy crap I'm old.
Back to the topic at hand, Microsoft's official guidance is to patch your servers and look for indicators of compromise.
https://www.microsoft.com/secu... [microsoft.com]