Frankly, it's a tough time to be in cybersecurity. Perhaps the toughest ever. There have been over a dozen zero-days in the past three months alone, with countless organizations across the world affected.
We're barely four months removed from SolarWinds—a watershed attack some thought would set the standard for the impact a vulnerability could have—and already dealing with a new attack that dwarfs it in scale. While it started with espionage actors Hafnium, ESET Research shows that at least 10 APT groups have exploited Microsoft Exchange vulnerabilities. Now more are jumping in, and some organizations are seeing ransomware actors leveraging the vulnerability as well.
With the prevalence of Microsoft Exchange servers across the global attack surface, the sheer size of this incident goes well beyond security. In reality, this is a big data problem.
RiskIQ has continuously collected internet data for more than a decade to solve such a problem. We built our technology to help security teams handle global attacks, and we're experts at discovering attack surfaces from organizational to global in scale. Now, we're working overtime to put this vulnerability’s scope into context and help the world understand if they are exposed and enable them to respond rapidly.
Article Link: https://www.riskiq.com/blog/external-threat-management/microsoft-exchange-server-landscape/