Exchange Server Exploits: How to Spot and Stop Vulnerabilities Resulting From HAFNIUM Attacks

True, false or maybe?

• If you use Exchange Online, then HAFNIUM and the Exchange Server exploit do not affect you.
• The most likely consequence of the exploit is credential dumping.
• If you’ve been attacked through the exploit, the best practice is to rebuild Active Directory.

Attacks against multiple vulnerabilities in Exchange Server have left system administrators like you scrambling for answers. That’s why “maybe” is the most prudent choice for those three statements.

Read this technical brief with perspectives on the exploit from four cybersecurity experts, including special insights for users of Change Auditor. Make sure you’re doing everything you can to patch, mitigate and investigate.