Microsoft Exchange Server patching has gone “extraordinarily well,” the Record reports, and the one-click tool Redmond has made available has been downloaded more than twenty-five-thousand times since its release last week, Fortune writes.
Patching isn’t sufficient: potentially affected organizations must do some threat hunting and remediation before they can consider themselves in the clear. According to CyberScoop, CISA’s acting Director yesterday cautioned that “Patching is not sufficient. There are literally thousands of compromised servers that are currently patched. And these system owners, they believe they are protected.”
Computing reports that BlackKingdom ransomware operators are among those exploiting Exchange Server ProxyLogon vulnerabilities. Attackers also…