Request Demo

test mobile menu

Home ArmorPoint Pinpoints Increase in Attacks Targeting On-Premise Exchange Servers

Company News, Cybersecurity News

ArmorPoint Pinpoints Increase in Attacks Targeting On-Premise Exchange Servers

By Ashley Capps

August 16, 2023

New trend in attacks spotted by ArmorPoint Security Operations Center

In the rapidly evolving landscape of cybersecurity, it’s crucial to stay ahead of the game when it comes to protecting sensitive data and systems. At ArmorPoint, we’ve been closely monitoring a concerning trend: a marked increase in attacks targeting on-premise Exchange Servers. In this article, we delve into the details of these attacks and offer practical steps to fortify your defenses.

Rise in Remote Code Execution (RCE) Vulnerabilities

One alarming trend we’ve identified is the surge in attempts to exploit Remote Code Execution (RCE) vulnerabilities, both new and old. While advanced Endpoint Detection and Response (EDR) solutions like Cybereason provide a safety net against remote code execution and malware downloads on devices, they should be just one layer of your comprehensive security approach. Maintaining a robust security posture involves a multi-faceted strategy, starting with regular updates to all software and operating systems. By diligently applying recommended security patches, you can significantly reduce the risk of falling victim to RCE attacks.

Strengthening Exchange Server Security

In recent times, attacks against on-premise Exchange Servers have become more prevalent. High-profile vulnerabilities affecting Exchange Servers have garnered attention from malicious actors, underscoring the importance of proactive security measures. To safeguard your systems, it’s imperative to keep your Exchange Servers up-to-date with the latest security patches. While migrating to cloud-based solutions is a consideration, remember that vigilant monitoring and periodic review of security settings are essential for both on-premise and cloud environments.

Guarding Against Threats: A Holistic Approach

The ArmorPoint approach to combating these threats involves a multi-layered defense. Our systems proactively block attacks that target devices protected by Cybereason. For instance, if a customer’s web server is hit with an RCE attack due to a vulnerable application, the malicious commands executed from the application are promptly detected and intercepted by our EDR. To avoid such attacks, diligently adhering to patching and update schedules is crucial. Regular Vulnerability Scans can also help identify potential vulnerabilities before they’re exploited.

Lessons from the Field: Protecting Web Servers

In our Trapp/Brinkster hosted web server environment, we’ve encountered instances where customer websites vulnerable to RCE attacks have inadvertently exposed our servers to malicious code. Swift action is taken to block or quarantine these attacks automatically. This serves as a reminder that multiple websites remain vulnerable to RCE attacks, possibly leading to data breaches or infections that compromise user information. Ensuring the security of your web applications is paramount to safeguarding your organization and its stakeholders.

MEDIA CONTACT

Ashley Capps

Chief Marketing Officer, Trapp Technology and ArmorPoint

acapps@armorpoint.com

About the Author

Ashley Capps

acapps@trapptechnology.com

Chief Marketing Officer, ArmorPoint

Related Insights

Articles

From Crisis to Continuity: Understanding the Importance of IR, DR, and BCP

With the average cost of downtime now reaching approximately $9,000 per minute, the urgency for comprehensive Incident Response Plans (IRP), Disaster Recovery (DR), and Business Continuity Plans (BCP) has never been more necessary. In the face of evolving cybersecurity threats, natural disasters, and operational disruptions, these…

Articles

Securing the Future of Healthcare: Understanding the HHS’ Cybersecurity Performance Goals

With the digital transformation of the healthcare sector comes an ever-growing cybersecurity threat landscape. In response, the U.S. Department of Health and Human Services (HHS) has introduced a set of voluntary Cybersecurity Performance Goals (CPGs) aimed at strengthening the defenses of healthcare organizations against these threats.

Threat Intel

April 2024 Cybersecurity Roundup: The Xeno Effect and Beyond

The latest insights from ArmorPoint Analysts for April 2024 have brought to light the relentless pace and evolving nature of cybersecurity threats, from increasingly elaborate phishing attacks to continuously aggressive ransomware groups. Key Findings from April 2024 Sophisticated Phishing Attacks Using Xeno A significant development is the…

Subscribe to Our Insights

Receive exclusive updates, industry news, and advice for future-proofing your business delivered straight to your inbox every month.

Security Solutions

Company

Resources

Awards