Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    FBI Obtains Authorization to Access US Servers to Remove Webshells Due to Exchange Vulnerability

    FBI Obtains Authorization to Access US ServersYour server could have been compromised and the FBI was trying to mitigate the issue without you even knowing it yet.

    Yesterday the Department of Justice revealed in a statement that the FBI was granted access to remove web shells that were installed on compromised web servers. These web servers are related to the Microsoft Exchange vulnerability that we reported earlier last month. 

    In a recent statement by the DoJ, "Many infected system owners successfully removed the web shells from thousands of computers. Others appeared unable to do so, and hundreds of such web shells persisted unmitigated."

    Even though this operation occurred, it is still recommended that if you were compromised to follow Microsoft's advice to ensure your servers are properly patched. In the concluding statement from the FBI, "There's no doubt that more work remains to be done, but let there also be no doubt that the department is committed to playing its integral and necessary role in such efforts."

    The FBI is in the process of letting users affective know if they removed the web shells. This example does show how proactive law enforcement may go if there are future widespread attacks in the future. If you receive an email from the FBI that is legitimate, it's imperative that you ensure your servers are patched correctly. 

    Unfortunately, attacks similar to this will not go away anytime soon. It is very important for your organization to keep up to date with the latest threats. New-school security awareness training can ensure your users are prepared to spot and report any suspicious activity. 

    ZDNet has the full story

     

    Return To KnowBe4 Security Blog

    Request A Demo: Security Awareness Training

    products-KB4SAT6-2-1New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn't a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your one-on-one demo of KnowBe4's security awareness training and simulated phishing platform and see how easy it can be!

    Request a Demo!

    PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

    https://www.knowbe4.com/kmsat-security-awareness-training-demo

    Topics: Security Awareness Training, Cybersecurity

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews