March 11, 2021
Good morning, everyone!
If you have a Microsoft Exchange server on premises, please read this important notice.
Yesterday the FBI and CISA issued a joint advisory on the compromise of Microsoft Exchange
Servers. If you have your email in the cloud, this does not apply to you. If you have an
in-house Exchange server, I urge you to read this bulletin
and follow the recommendations immediately.
In particular go to page 10 "Mitigations" note Action 3:
3.Organizations who have identified indications of compromise in Action 1, or did not have the
expertise to conduct Action 1 or 2, should follow these steps and proceed to Action 4:
a.Immediately disconnect Microsoft Exchange on-premises servers.
b.Identify and remove all threat actor-controlled accounts and identified persistence mechanisms.
If you have an Exchange server that has not yet been patched, you should immediately disconnect it from the network and seek expert assistance.
Talk to you again soon!
Security Awareness Training Goes Virtual
Thanks to COVID-19, lots of things are going virtual, and that includes my employee Security Awareness Training. I've set up a small studio in our conference room (nobody there but me) so I can provide live training (almost) just like before! You can see me wave my hands and make faces while a wall of fascinating facts and practical tips slideshow across your screens, wherever you and your employees may be.
Contact me to schedule your employee training sessions. They're fun! ☺