Cybersecurity experts from the Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) have released guidance aimed at enhancing security for on-premises Microsoft Exchange Servers. The guidance builds upon previous recommendations, compiling advice from Microsoft and the broader security community, and provides a coherent plan for organizations to bolster defenses against persistent threats.
The recommendations encourage practices such as restricting administrative access, implementing multi-factor authentication, and regularly applying security patches. Despite being known practices, the guide emphasizes the implementation strategy and coherence of the advice given, which is seen as critical given the complexity and vulnerabilities endemic to Microsoft Exchange Servers. The urgency for such guidance is underscored by the significant targeting of these servers by cybercriminals and nation-states alike.
Experts suggest that the government’s unprecedented involvement indicates a serious need for improved security frameworks, as many weaknesses have been exploited in past ransomware attacks dating back to 2021. With Exchange Server flagged repeatedly in CISA’s vulnerability catalog, the collective effort of international agencies signifies an urgent call to action for organizations to secure their systems effectively.
👉 Pročitaj original: CyberScoop
