Today, CISA, in partnership with the National Security Agency and international cybersecurity partners, released Microsoft Exchange Server Security Best Practices, a guide to help network defenders harden on-premises Exchange servers against exploitation by malicious actors.
Threat activity targeting Exchange continues to persist, and organizations with unprotected or misconfigured Exchange servers remain at high risk of compromise.
Best practices in this guide focus on hardening user authentication and access, ensuring strong network encryption, and minimizing application attack surfaces. CISA recommends organizations also decommission any remaining end-of-life on-premises or hybrid Exchange servers after transitioning to Microsoft 365, as retaining the “last Exchange server” can expose organizations to ongoing exploitation activity.
CISA recommends organizations implement Microsoft Exchange Server Best Practices and take steps to decommission end-of-life on-premises Exchange servers in hybrid environments to significantly reduce their risk from cyber threats.
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…
CISA released three Industrial Control Systems (ICS) Advisories. These advisories provide timely information about current…
Microsoft released an update to address a critical remote code execution vulnerability impacting Windows Server…
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…
CISA released eight Industrial Control Systems (ICS) Advisories. These advisories provide timely information about current…
This website uses cookies.