Abed_AL-R
Mar 04, 2021Cirrostratus
hafnium attack | exchange iapp
Hi
we're publishing the owa/outlook through f5 ltm and yesterday we received and update that new kind of attack is targeting exchange servers
https://www.microsoft.com/security/blog/2021/03/02/hafnium-targeting-exchange-servers/
is there anything else we can do on f5 machine other than updating our exchange servers to prevent this kind of attack?
today we are implementing owa web access through apm and 2fa , and direct access to other URLs like:
"/microsoft-server-activesync*"
"/ews*"
"/enterprisevault/*"
"/autodiscover*"
"/mapi*"
"/ecp*"
"/oab*"
Has anyone went through this?