Automatically mitigate ProxyLogon, detect IoCs associated with SolarWinds attackers’ activities

Microsoft has updated its Defender Antivirus to mitigate the ProxyLogon flaw on vulnerable Exchange Servers automatically, while the Cybersecurity and Infrastructure Security Agency (CISA) has released CHIRP, a forensic tool that can help defenders find IoCs associated with the SolarWinds attackers’ activities. “Similar to the CISA-developed Sparrow tool—which scans for signs of APT compromise within an M365 or Azure environment—CHIRP scans for signs of APT compromise within an on-premises environment,” the agency noted. Automatically mitigate … More →

The post Automatically mitigate ProxyLogon, detect IoCs associated with SolarWinds attackers’ activities appeared first on Help Net Security.

click here to read full Article

Read More on latest Security Updates