Event Details

ONG-ISAC ONG-ISAC and RiskIQ Briefing

View Calendar
March 25, 2021 2:30 pm - 3:30 pm

ONG-ISAC and RiskIQ Briefing

CPE Credits: 1 hour

Title: Microsoft Exchange ProxyLogon Threat Briefing

Abstract: On March 2, 2021, Microsoft issued an out-of-band patch release for Microsoft Exchange to address a series of vulnerabilities which, when chained together, could lead to a system compromise. Based on RiskIQ's Internet Intelligence Graph we were able to scan the internet to quickly understand the scope of the vulnerability, then worked with Microsoft to fingerprint vulnerable instances of exchange.

Key Takeaways:

  • Overview of the vulnerability
  • RiskIQs discovery of vulnerable exchange servers
  • Observations and trends vulnerable servers and patching
  • Overview of actors leveraging this vulnerability
  • How attack surface intelligence can help organizations respond to similar events in the future

Speaker: Steve Ginty, RiskIQ Director of Threat Intelligence

Bio: Steve Ginty has more than ten years of experience as an information security professional focused on incident response, threat intelligence, and data analysis. As co-founder of PassiveTotal (acquired by RiskIQ), he aimed to advance analysis methodologies and processes to make threat investigations and incident response more efficient and effective. Before joining RiskIQ, Steve spent years researching targeted intrusions against Fortune 500 organizations. His experience includes leading teams of multi-disciplined researchers implementing proactive methodologies to track threat actor infrastructure and malware associated with attack activity.