Hi all, if you haven't lived under a rock for the past week, I'm sure you've heard about the 0-day MSExchange vulnerabilities. We want to let you know that Palo Alto Networks has you covered and wanted to make sure you have all the information you need.
Check out the blog to get more information about these vulnerabilities and how PAN can protect you, and learn about the upcoming virtual event where Palo Alto Networks leaders and industry experts will be talking about how to assess your exposure.
Hope this helps !
Just some common things that I've seen the last week and a half:
TL/DR: You need to be making sure you have the information available to actually analyze your organizations exposure to this breach, and if your lacking visibility into traffic now is a great time to remedy that. You also need to be checking systems your Exchange systems would be able to communicate with, and making sure those machines are healthy. Don't cleanup your Exchange systems without making sure you haven't left a backdoor open for further attacks because you didn't analyze your other systems during your incident response.
@BPry you make some great points. Especially about not leaving any back doors open by failing to check systems that MS Exchange communicates with. I appreciate your response and that you went in-depth in a few different ways. Thanks to you and @kiwi for these thoughts.
I would say the obvious and patch. Also Microsoft has release guidance and a way to see if its still vulnerable.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!