On March 2, 2021, Microsoft Security Response Center released updates related to vulnerabilities affecting on-premises deployments of Microsoft Exchange Server 2013/2016/2019. Microsoft also revealed details around active exploitation of these vulnerabilities using zero-day exploits. This RQ Threat Advisory outlines the vulnerability and its exploitation in more detail including IoCs (indicators of compromise) and GreyMatter detection capabilities mapped to MITRE ATT&CK and the Kill Chain.
Is your security team blind to the activities in more than half of its IT assets? That was just one of the findings in a new report from 451 Research, based on in-depth interviews with security leaders across 150 large enterprises and focused on the challenges facing their teams. On average, the report found SIEMs […]
Enterprise Security teams are looking for proven ways to increase the visibility of their security programs while also optimizing technology investments. A large number of organizations have implemented Endpoint Detection and Response (EDR) solutions and many others are considering it. While these solutions are best known as being effective incident response tools, they also help […]
When integrated across security controls, threat intelligence allows security teams to increase detection rates, speed response times, and mitigate their most serious risks. But finding the balance between too little and too much intel – and then automating the integration of these feeds – is the challenge. Too little intel, and your organization runs the […]