Today is a dangerous day for companies that have on-premises versions of Microsoft Exchange Server. Yesterday, March 2, Microsoft announced that it detected multiple 0-day exploits being used in limited and targeted attacks, which means that the hackers know they only have a couple of days left to exploit the hack until the vulnerability is patched.

Microsoft said it believes that Hafnium, “a group assessed to be state-sponsored and operating out of China,” carried out the attacks. Microsoft did not offer evidence supporting the assessment, but said the “state-sponsored” actor was identified by the Microsoft Threat Intelligence Center based on observed “tactics and procedures.”

If you’ve read this far, you should take a moment to ask your IT people if they are aware of the threat. While it has been widely publicized, it has also been made political… which it may be, but that doesn’t mean anything in this context. Make sure your on-premises Microsoft Exchange Server instances are patched and up to date.

Author’s note: This is not a sponsored post. I am the author of this article and it expresses my own opinions. I am not, nor is my company, receiving compensation for it.

About Shelly Palmer

Shelly Palmer is a business advisor and technology consultant. He helps Fortune 500 companies with digital transformation, media and marketing. Named LinkedIn's Top Voice in Technology, he is the host of the Shelly Palmer #strategyhacker livestream and co-host of Techstream with Shelly Palmer & Seth Everett. He covers tech and business for Good Day New York, writes a weekly column for Adweek, is a regular commentator on CNN and CNBC, and writes a popular daily business blog. Follow @shellypalmer or visit shellypalmer.com

Tags

Categories

PreviousZoom's Financials and Innovation NextNet Neutrality in 3 Minutes

Get Briefed Every Day!

Subscribe to my daily newsletter featuring current events and the top stories in technology, media, and marketing.

Subscribe