News Flash Home
The original item was published from 3/15/2021 4:46:19 PM to 3/16/2022 12:00:07 AM.

News Flash

Federal Government

Posted on: March 15, 2021

[ARCHIVED] CISA Issues Emergency Directive

The Cybersecurity and Infrastructure Security Agency (CISA) partners have observed active exploitation of vulnerabilities in Microsoft Exchange on-premises products. Please review CISA issued ED 21-02 for Microsoft Exchange on-premises products to update or disconnect the products from their networks until updated with the Microsoft patch.

The seriousness of this vulnerability cannot be overstated; the exploitation of it is widespread and is indiscriminate. This vulnerability is already being actively exploited in many thousands of systems and could allow criminal actors to engage in acts threatening to the continuity of operations, such as ransomware, even after patching Microsoft Exchange.

 Everyone using Microsoft Exchange on-premise products needs to immediately: 

  • Check for signs of compromise;
  • If evidence of compromise is found, assume that your organization's network identity has been compromised and begin incident response procedures;
  • Patch Microsoft Exchange with the vendor released patches;
  • If unable to patch immediately or remove the Microsoft Exchange from the network immediately, CISA strongly recommends following alternative mitigations found in Microsoft's blog on Exchange Server Vulnerabilities Mitigations. This should not be taken as an adequate solution for patching. 

Please immediately speak with your IT officials to determine what steps your organization has taken, and if your organization does not have the technical capability to verify network integrity, please consider bringing in a third party to assist you as soon as possible.


Contact: Paul Penna, Legislative Analyst, ppenna@njlm.org, 609 695-3481, x110.

Facebook Twitter Email

Other News in Federal Government

FY2023 Federal Omnibus Budget Passed

Posted on: January 9, 2023

SHBP Update: No Relief In New Year

Posted on: December 30, 2022

Federal Budget Update

Posted on: December 23, 2022

Federal Budget Update

Posted on: December 19, 2022

Blog Post: Available Federal Grants

Posted on: September 27, 2022

President Signs CHIPS and Science Act

Posted on: August 12, 2022

Inflation Reduction Act Activity

Posted on: August 12, 2022

Ground Broken on Portal North Bridge

Posted on: August 8, 2022

Second Tranche of ARP SLRF Expected

Posted on: June 13, 2022

ARP & BIL Presentation

Posted on: May 13, 2022

Scam Targeting ARPA SLFRF NEUs

Posted on: April 13, 2022

Federal Budget Update

Posted on: March 14, 2022

NTIA Host Pre-Funding Webinar Series

Posted on: March 14, 2022

Federal Budget Update

Posted on: February 24, 2022