In testimony before the Homeland Security Subcommittee, Eric Goldstein, CISA’s executive assistant director for cybersecurity stated, “At this point in time there are no federal civilian agencies that are confirmed to be compromised by this campaign”, according to a news report published by BleepingComputer. CISA has also stated that they are still in the beginning of their investigation, so that statement is subject to change. US federal government agencies were ordered to immediately patch or disconnect Exchange servers from the Internet last week. Many private companies have apparently not taken the vulnerabilities as seriously, though—the Dutch Institute for Vulnerability Disclosure announced that it scanned the Internet and found 46,000 Exchange serves still unpatched. Threat groups have been scanning for vulnerable Exchange servers and many of them have likely found the same or similar number of servers. As exploit code has become more publicly available, more vulnerable servers will be hacked and likely held for ransom.
12 Essentials for a Successful SOC Partnership
As cyber threats continue to impact businesses of all sizes, the need for round-the-clock security