Exchange zero-day vulnerability detection

If you think you were impacted from the Exchange zero-day vulnerability, you can run the list of IPs below in Virus Total to search for any potential indicators of compromise.

PowerShell scripts for hunting threats:

Download them here.

NMAP script for hunting vulnerable servers and validating patches:

Download the NMAP script here.

Bad IPs:

165.232.154.116
157.230.221.198
104.248.49.97
103.77.192.219
104.140.114.110
104.250.191.110
108.61.246.56
149.28.14.163
167.99.168.251
185.250.151.72
192.81.208.169
203.160.69.66
211.56.98.146
5.254.43.18
5.2.69.14
80.92.205.81
91.192.103.43
161.35.45.41
45.77.252.175

Reach out to the team here at Alias if you have any questions at all regarding the zero-day.

We’re here to bring you peace of mind.

January 21, 2021

1099
4

Blog Alias

How To Create A Threat Model in 7 Easy Steps With Our Template

How To Create A Threat Model in 7 Easy Steps With Our Threat Model Template Our team here at Alias is made up of hackers turned security professionals. In fact, ...

Exchange zero-day detection

Exchange zero-day vulnerability detection

PowerShell scripts for hunting threats:

NMAP script for hunting vulnerable servers and validating patches:

Bad IPs:

Previous post

How To Create A Threat Model in 7 Easy Steps With Our Template

Similar posts

Inc. 5000 Recognizes Alias Infosec as One of the Fastest-Growing Companies in America

The Colonial Pipeline Hack and OT Security

Categories

Recent Posts

The Critical Role of Data Inventory in Cybersecurity

Critical Security Alert: CVE-2024-10924 and the “Really Simple Security” WordPress Plugin

The Price of Business – Pen Testing vs. Vulnerability Assessments

World Class Service on a Local Scale

Why Vegas Needs CISOs