SEC504: Hacker Tools, Techniques, and Incident Handling
SEC504Offensive Operations
Top of the News
Tenable Analysis: Many Exchange Servers Remain Unpatched Against ProxyLogon
Top Of The News 1 content Tenable researchers' analysis of Salt Typhoon's activity indicates that at least one of the vulnerabilities exploited by the state-sponsored threat actors remains largely unpatched. More than 90 percent of publicly-exposed Microsoft Exchange Servers are not patched against a critical remote code execution vulnerability, known as ProxyLogon, that was disclosed nearly four years ago. Tenable researchers contrast that number with other vulnerabilities exploited by Salt Typhoon: analysis of unpatched instances of 'Ivanti vulnerabilities (CVE-2023-46805 and CVE-2024-21887) ... found that these devices were fully remediated in over 92% of cases.'
Editor's Notes
Slide 1 of 0Older Exchange Servers Cannot Receive Emergency Mitigation Definitions
Microsoft is cautioning users that outdated Exchange servers are unable to receive emergency mitigation definitions due to a deprecated Office Configuration Service certificate type. The Exchange Emergency Mitigation Service (EEMS), which was introduced in September 2021 'automatically applies interim mitigations for high-risk (and likely actively exploited) security flaws to secure on-premises Exchange servers against attacks. It detects Exchange Servers vulnerable to known threats and applies interim mitigations until security updates are released.' Exchange server versions older than 2023 are urged to update so they can receive emergency mitigations.
Editor's Notes
Slide 1 of 0
The Rest of the Week's News
Microsoft WSUS Driver Synchronization Deprecation
Rest Of The News content 1 Microsoft has published a reminder that driver synchronization updates via Windows Server Update Services (WSUS) will be deprecated as of April 18, 2025. Microsoft initially announced the deprecation in June 2024, at which time they encouraged users to adopt newer cloud-based driver services. WSUS was introduced in 2005.
Editor's Notes
Slide 1 of 0Rest of the news entry 2 no references
Microsoft has published a reminder that driver synchronization updates via Windows Server Update Services (WSUS) will be deprecated as of April 18, 2025. Microsoft initially announced the deprecation in June 2024, at which time they encouraged users to adopt newer cloud-based driver services. WSUS was introduced in 2005.
Editor's Notes
While many organisations have migrated their core email services to cloud-based solutions,many still run on-premises Exchange servers to support legacy systems or enable ongoing migration of accounts to the cloud. However, it is important to remember that just because you have moved your core email services to the cloud you should not forget your on-premises environments and ensure they remain secure.
Rest of the news entry 3
Microsoft has published a reminder that driver synchronization updates via Windows Server Update Services (WSUS) will be deprecated as of April 18, 2025. Microsoft initially announced the deprecation in June 2024, at which time they encouraged users to adopt newer cloud-based driver services. WSUS was introduced in 2005.
Editor's Notes
While many organisations have migrated their core email services to cloud-based solutions,many still run on-premises Exchange servers to support legacy systems or enable ongoing migration of accounts to the cloud. However, it is important to remember that just because you have moved your core email services to the cloud you should not forget your on-premises environments and ensure they remain secure.
Internet Storm Center Tech Corner
SANS ISC Stormcasts
Lorem ipsum dolor sit amet consectetur. Vitae vitae diam urna imperdiet. Ultrices tortor donec cursus ut pretium vehicula in in. Lorem ipsum dolor sit amet consectetur. Vitae vitae diam urna imperdiet. Ultrices tortor donec cursus ut pretium vehicula in in. Lorem ipsum dolor sit amet consectetur. Vitae vitae diam urna imperdiet. Ultrices tortor donec cursus ut pretium vehicula in in.
test
Lorem Ipsum is simply dummy text of the printing and typesetting industry. Lorem Ipsum has been the industry's standard dummy text ever since the 1500s, when an unknown printer took a galley of type and scramble
test
Lorem Ipsum is simply dummy text of the printing and typesetting industry. Lorem Ipsum has been the industry's standard dummy text ever since the 1500s, when an unknown printer took a galley of type and scramble
