CISA Issues Emergency Directive on Actively Exploited Microsoft Exchange Vulnerabilities
Google to jettison individual cookies, Okta plunges after announcing $6.5 billion purchase of Auth0, Qualys latest victim of Accellion FTA flaw, Brave to launch a privacy-oriented browser, and more
Don’t miss a thing in the infosec world. Support Metacurity and sign up for a premium subscription today!
The US Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive following the release of fixes for zero-day vulnerabilities in Microsoft Exchange, saying that partner organizations have detected "active exploitation of vulnerabilities in Microsoft Exchange on-premise products."
The vulnerabilities represent an "unacceptable risk to Federal Civilian Executive Branch agencies,” and agencies are ordered to begin triaging their network activity, system memory, logs, Windows event logs, and registry records to find any indicators of suspicious behavior. (Charlie Osborne / ZDNet)
Related: The Hill: Cybersecurity, FCW, HealthITSecurity, Cyberscoop, Dark Reading: Vulnerabilities / Threats, Homeland Security Today, Qualys Blog, Blogs | Zscaler, Business Standard, NBC News, HOTforSecurity, HackRead, SC Magazine, Unit 42 - Palo Alto Networks, Tech.Co, Cyber.dhs…
Keep reading with a 7-day free trial
Subscribe to Metacurity to keep reading this post and get 7 days of free access to the full post archives.