Exchange zero-day detection

Posted in Notices by Alias on March 5, 2021

Exchange zero-day vulnerability detection

If you think you were impacted by the Exchange zero-day vulnerability, you can run the list of IPs below through VirusTotal to search for any potential indicators of compromise.

PowerShell scripts for hunting threats:

Download them here.

Nmap script for hunting vulnerable servers and validating patches:

Download the Nmap script here.

Bad IPs:

Reach out to the team here at Alias if you have any questions at all regarding the zero-day.

We’re here to bring you peace of mind.

Written by: Alias
