Organizations that run Microsoft Exchange Servers are being urged to apply several bug fixes to the program in response to a hack from a Chinese cybercriminal group.

The cybercriminal group is able to gain access to an Exchange server either by using stolen account credentials or by using the vulnerabilities to disguise as someone who should have access. The group is able to control the compromised server remotely by creating a web shell, a piece of malicious code that gives attackers remote administrative to steal data from an organization’s network.

Subsequently the FDIC proactively reached out to 21CFS and may have reached out to many of you as well to review and discuss Microsoft Exchange configurations and how they may or may not be affected. In our review with FDIC, we have created this memo with action steps that your bank should take for your IT and Cybersecurity departments to immediately review and confirm all email configurations, designs, and patch levels are adequately protected against this and expected future attacks. If you should have any questions, or need guidance on addressing this latest attack, please contact 21CFS today.

Recalibrating to Meet the Demands of the Future

One of the hottest topics on the radars of many bankers is whether the new industrial hemp businesses can be
banked safely and profitably.

Uncover the right Core Processing System for Your Financial Institution

The FASB’s Current Expected Credit Loss (CECL) standard is inching toward reality. The new rules are intended to address concerns…

Steps For Banks To Avoid Problems With Regulators When Using Social Media

Understanding the Rewards and Risks

Checklist to help protect your bank