I meant to write this earlier, but I just didn’t have enough time, because of the research and the many things I’m doing to remediate this mess inside my network. The Microsoft breach has quickly become one of the ugliest events in recent IT history, on par with SolarWinds. Adversaries used an unknown flaw in Microsoft Exchange for more than two months to exploit tens of thousands of organizations around the world. Microsoft patched the exploit on 02 March 2021, but not everyone became aware of the seriousness of the situation immediately, so many environments are still unprotected. After the exploit became publicly known, many new actors entered the game, and now many new threats are looming, ransomware being one of them. What should we do?
The Microsoft Exchange Hafnium breach is turning into one of the ugliest security incidents ever, really fast. Here I will try to explain my steps in the process, and what my stages of investigation were (so far). If you already know about the problem, I will be happy to share some new info and also learn something new from you.
Updated 10 March 2021 – with new info about scripts and a link to a website to check whether you were breached (at the bottom of the post).
Updated 11 March 2021 – Looks like CompareExchangeHashes.ps1 script works ok now.
Updated 11 March 2021 – I see a lot of skepticism about how to proceed further with this – here I can offer my observations/opinions – https://www.informaticar.net/what-to-do-if-you-were-breached-by-hafnium-exchange-breach/
In this short guide we will learn how to connect a machine running Ubuntu (20.04) to Active Directory.
In this guide we will try to set up an email server with Postfix (MTA), Dovecot (MDA) and Roundcube as the webmail server.
As someone who is coming from years of working with Microsoft Exchange, it was hard for me to find a good replacement for Exchange on Linux. I went through a lot of different combinations on Linux, and the one I’m going to write about today is one that I think is worth trying.
I have mentioned this a few times already, and I will probably mention it again – CentOS is no longer a viable option for anything that needs stability in my workflow, so I’m focusing on the Debian/Ubuntu alternative. The first thing you want to do on every machine, especially if it is internet-oriented, is security hardening. Here I will go through some of my steps for Ubuntu.