<div dir="ltr"><div><div dir="ltr" data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr">
<table bgcolor="#ffffff" cellpadding="0" cellspacing="0" width="100%">
<tbody>
<tr>
<td align="left" valign="top">
<table cellpadding="0" cellspacing="0">
<tbody>
<tr>
<td style="border-top:0px solid rgb(0,0,0);border-bottom:1px solid rgb(255,255,255);background-color:rgb(255,255,255);text-align:center" align="center"><span style="font-size:10px;color:rgb(96,96,96);line-height:200%;font-family:verdana;text-decoration:none">Email
not displaying correctly? <a href="http://www.oplin.org/4cast/" style="font-size:10px;color:rgb(0,0,255);line-height:200%;font-family:verdana;text-decoration:none" target="_blank">View
it in your browser.</a></span></td>
</tr>
<tr>
<td style="border-top:0px solid rgb(51,51,51);border-bottom:0px solid rgb(255,255,255);background-color:rgb(255,255,255)">
<center><a><img id="m_-4723093680526269771editableImg1" src="http://www.oplin.org/4cast/wp-content/themes/unlimited/assets/images/4cast_email_header.png" title="OPLIN" alt="OPLIN 4Cast" align="middle" border="0"></a></center>
</td>
</tr>
</tbody>
</table>
<table style="width:763px;height:877px" bgcolor="#ffffff" cellpadding="20" cellspacing="0">
<tbody>
<tr>
<td style="font-size:12px;color:rgb(0,0,0);line-height:150%;font-family:'Gothic Sans',sans-serif" bgcolor="#ffffff" valign="top">
<p>
<span style="font-size:20px;font-weight:bold;color:rgb(0,0,0);font-family:arial;line-height:110%">OPLIN 4Cast #744: Patch those servers immediately, but brace for more attacks</span><br>
<span style="font-size:11px;font-weight:normal;color:rgb(102,102,102);font-style:italic;font-family:arial">March 31st, 2021</span></p>
<p style="text-align:justify;font-size:16px;font-family:arial;line-height:110%"><img align="left" src="https://4cast.oplin.org/wp-content/uploads/2021/03/security-265130_1280.jpg" alt="A cursor selecting the word Security" width="130" height="94" style="padding-right:14px;padding-top:4px;padding-bottom:4px">
In early March, Microsoft detected multiple 0-day exploits against Exchange Servers, urging customers to update their on-premises systems immediately. They developed a <a rel="noreferrer noopener" href="https://msrc-blog.microsoft.com/2021/03/15/one-click-microsoft-exchange-on-premises-mitigation-tool-march-2021/" target="_blank">one-click mitigation tool</a> to protect Exchange servers against cyberattacks and to fix any existing compromises it found. MIcrosoft warns, however, that "patching a system does not necessarily remove the access of the attacker," and there could be hard days ahead.
</p><ul>
<li style="list-style-type:none">
</li><li style="text-align:justify;font-size:16px;font-family:arial;line-height:110%"><a href="https://mytechdecisions.com/network-security/report-microsofts-one-click-exchange-server-mitigation-tool-downloaded-25000-times/" target="_blank">Report: Microsoft’s One-Click Exchange Server Mitigation Tool Downloaded 25,000 Times</a> [<em>MyTechDecisions</em>] "Chinese nation-state hackers are believed to be behind the initial exploits starting in early January, and copycats have been trying to replicate the attack chain since the vulnerabilities were disclosed earlier this month. That makes eliminating this vulnerability and patching systems critical but applying Microsoft’s comprehensive patch can be difficult without dedicated IT personnel."</li>
<li style="text-align:justify;font-size:16px;font-family:arial;line-height:110%"><a href="https://fortune.com/2021/03/22/microsoft-tool-protect-cyberattacks-hack/" target="_blank">Microsoft’s one-click tool to protect against cyberattacks is getting lots of downloads</a> [<em>Fortune</em>] "Since the release of the tool, the number of vulnerable systems in the United States has fallen to fewer than 10,000 from at least 120,000 at the peak. Many of the remaining vulnerable systems are tied to small businesses but not limited to any one sector."</li>
<li style="text-align:justify;font-size:16px;font-family:arial;line-height:110%"><a href="https://www.zdnet.com/article/exchange-server-attacks-microsoft-shares-intelligence-on-post-compromise-activities/" target="_blank">Exchange Server attacks: Microsoft shares intelligence on post-compromise activities</a> [<em>ZDNet</em>] "Microsoft is raising an alarm over potential follow-on attacks targeting already compromised Exchange servers, especially if the attackers used web shell scripts to gain persistence on the server, or where the attacker stole credentials during earlier attacks."</li>
<li style="text-align:justify;font-size:16px;font-family:arial;line-height:110%"><a href="https://www.techradar.com/news/microsoft-warns-even-patched-exchange-servers-can-still-be-attacked" target="_blank">Microsoft warns even patched Exchange servers can still be attacked</a> [<em>TechRadar</em>] "Many of the compromised systems have not yet received a secondary action, such as human-operated ransomware attacks or data exfiltration, indicating attackers could be establishing and keeping their access for potential later actions."</li>
</ul>
<div style="text-align:left"> </div>
<p style="text-align:left;font-size:20px;font-family:arial;line-height:110%"><small><strong><em>From the <a href="http://ohioweblibrary.org" target="_blank">Ohio Web Library</a>:</em></strong></small><br>
</p>
<div style="text-align:justify;font-size:16px;font-family:arial;line-height:110%">
<ul>
<li>Dennis, Steven T. “<a href="https://search-ebscohost-com.proxy.oplin.org/login.aspx?direct=true&db=buh&AN=149421645&site=ehost-live" target="_blank">U.S. Sees Progress in Closing Microsoft Exchange Vulnerabilities</a>.” <em>Bloomberg.Com</em>, Mar. 2021, p. N.PAG.</li>
<li>PR Newswire. “<a href="https://search-ebscohost-com.proxy.oplin.org/login.aspx?direct=true&db=bwh&AN=202103160800PR.NEWS.USPR.FL10559&site=ehost-live" target="_blank">KnowBe4 Warns of Rise in Microsoft Exchange Global Security Exploit Attempts</a>.” <em>PR Newswire US</em>, 16 Mar. 2021.</li>
<li>McMullen, Robert. "<a href="https://www.lynda.com/Exchange-Server-tutorials/Microsoft-Exchange-Server-Essential-Training-Installation-Configuration/791365-2.html" target="_blank">Microsoft Exchange Server Essential Training: Installation and Configuration</a>." 17 Jul. 2019.</li>
</ul>
</div>
<div style="text-align:left"> </div>
</td>
</tr>
<tr>
<td valign="top" width="760"><span style="font-size:10px;color:rgb(96,96,96);line-height:100%;font-family:verdana">
<hr>
<div style="text-align:justify">The <strong><em>OPLIN
4cast</em></strong>
is a weekly compilation of
recent headlines, topics, and trends that could impact public
libraries. You can subscribe to it in a variety of ways, such as: <br>
</div>
<div style="text-align:left"> </div>
<ul>
<li style="text-align:justify"><strong>RSS feed.</strong>
You
can receive the OPLIN 4cast
via RSS feed by subscribing to the following URL:
<a href="http://www.oplin.org/4cast/index.php/?feed=rss2" target="_blank">http://www.oplin.org/4cast/index.php/?feed=rss2</a>. </li>
<li style="text-align:justify"><strong>E-mail.</strong>
You
can have the OPLIN 4cast
delivered via e-mail (a'la OPLINlist and OPLINtech) by subscribing to
the 4cast mailing list at
<a href="http://lists.oplin.org/mailman/listinfo/OPLIN4cast" target="_blank">http://lists.oplin.org/mailman/listinfo/OPLIN4cast</a>. </li>
</ul>
</span> </td>
</tr>
<tr>
<td style="text-align:center;font-family:'Century Gothic',sans-serif;border-top:0px solid rgb(255,255,255);background-color:#2c4587;color:#fff" valign="top" width="760">© 2021 Ohio Public Library Information Network<br>
<a href="http://www.slideshare.net/oplin" title="Find us on Slideshare" target="_blank"><img src="http://www.oplin.org/4cast/wp-content/themes/unlimited/assets/images/slideshare3.png" alt="Find us on Slideshare"></a>
<a href="http://www.facebook.com/oplin.org" title="Find us on Facebook" target="_blank"><img src="http://www.oplin.org/4cast/wp-content/themes/unlimited/assets/images/facebook_0.png" alt="Find us on Facebook"></a>
<a href="https://plus.google.com/107751358238995507967" title="Find us on Google+" target="_blank"><img src="http://www.oplin.org/4cast/wp-content/themes/unlimited/assets/images/google+.png" alt="Find us on Google+"></a>
<a href="http://www.twitter.com/oplin" title="Find us on Twitter" target="_blank"><img src="http://www.oplin.org/4cast/wp-content/themes/unlimited/assets/images/twitter_0.png" alt="Find us on Twitter"></a>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</div></div></div></div></div></div></div></div>