The scan process should be performed weekly for the following four weeks and federal agencies are invited to report any evidence of potential compromise. The agency also asks the federal agencies to report to CISA the results of the scans. CISA also identified Microsoft Exchange servers still in operation and hosted by (or on behalf of) federal agencies that require additional hardening,”ĬISA required federal agencies to download the latest version of Microsoft Safety Scanner (MSERT) and scan their infrastructure by 12:00 pm Eastern Daylight Time on Monday, April 5, 2021. “Since the original issuance of ED 21-02, Microsoft has developed new tools and techniques to aid organizations in investigating whether their Microsoft Exchange servers have been compromised.
“CISA also identified Microsoft Exchange servers still in operation and hosted by (or on behalf of) federal agencies that require additional hardening.” Since the original issuance of ED 21-02, Microsoft has developed new tools and techniques to aid organizations in investigating whether their Microsoft Exchange servers have been compromised.” reads the Supplemental Direction issued by CISA. “Although federal agencies successfully responded to ED 21-02, which included initial efforts to forensically triage and rapidly update Microsoft Exchange servers hosted in the federal enterprise, CISA is directing additional actions to identify compromises that may remain undetected.
The response of the federal agencies was proactive, anyway, the Supplemental Direction to the directive also aims at identifying possible compromises that were previously undetected.
The new directive demands agencies to accelerate the mitigation process and extends the Emergency Directive 21-02 issued by the DHS agency on March 3, 2021. The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has issued a supplemental directive requiring all federal agencies to identify Microsoft Exchange servers in their environments impacted by ProxyLogon flaws within five days and take the necessary steps to secure them. The DHS CISA has issued a supplemental directive that requires all federal agencies to identify vulnerable Microsoft Exchange servers in their infrastructure within five days.
0 kommentar(er)
