ONG-ISAC ONG-ISAC and RiskIQ Briefing
ONG-ISAC and RiskIQ Briefing
CPE Credits: 1 hour
Title: Microsoft Exchange ProxyLogon Threat Briefing
Abstract: On March 2, 2021, Microsoft issued an out-of-band patch release for Microsoft Exchange to address a series of vulnerabilities which, when chained together, could lead to a system compromise. Based on RiskIQ's Internet Intelligence Graph we were able to scan the internet to quickly understand the scope of the vulnerability, then worked with Microsoft to fingerprint vulnerable instances of exchange.
- Overview of the vulnerability
- RiskIQs discovery of vulnerable exchange servers
- Observations and trends vulnerable servers and patching
- Overview of actors leveraging this vulnerability
- How attack surface intelligence can help organizations respond to similar events in the future
Speaker: Steve Ginty, RiskIQ Director of Threat Intelligence
Bio: Steve Ginty has more than ten years of experience as an information security professional focused on incident response, threat intelligence, and data analysis. As co-founder of PassiveTotal (acquired by RiskIQ), he aimed to advance analysis methodologies and processes to make threat investigations and incident response more efficient and effective. Before joining RiskIQ, Steve spent years researching targeted intrusions against Fortune 500 organizations. His experience includes leading teams of multi-disciplined researchers implementing proactive methodologies to track threat actor infrastructure and malware associated with attack activity.