Exchange zero-day vulnerability detection

If you think you were impacted from the Exchange zero-day vulnerability, you can run the list of IPs below in Virus Total to search for any potential indicators of compromise.

PowerShell scripts for hunting threats:

Download them here.

NMAP script for hunting vulnerable servers and validating patches:

Download the NMAP script here.

Bad IPs:

165.232.154.116
157.230.221.198
104.248.49.97
103.77.192.219
104.140.114.110
104.250.191.110
108.61.246.56
149.28.14.163
167.99.168.251
185.250.151.72
192.81.208.169
203.160.69.66
211.56.98.146
5.254.43.18
5.2.69.14
80.92.205.81
91.192.103.43
161.35.45.41
45.77.252.175

Reach out to the team here at Alias if you have any questions at all regarding the zero-day.

We’re here to bring you peace of mind.

March 1, 2021

Workshop Alias

Managing an incident with SentinelOne and Alias

2020 really felt like the year of data breaches, huh? With the rate companies are being attacked, it’s required to know how to manage an incident. Well here’s your chance. ...

Exchange zero-day detection

Exchange zero-day vulnerability detection

PowerShell scripts for hunting threats:

NMAP script for hunting vulnerable servers and validating patches:

Bad IPs:

Previous post

Managing an incident with SentinelOne and Alias

Similar posts

Inc. 5000 Recognizes Alias Infosec as One of the Fastest-Growing Companies in America

The Colonial Pipeline Hack and OT Security

Categories

Recent Posts

The Price of Business – Pen Testing vs. Vulnerability Assessments

World Class Service on a Local Scale

Why Vegas Needs CISOs

To Patch or Not To Patch? That Is The Question

Appreciate Your IT