ML21064A380: Difference between revisions

From kanterella
Jump to navigation Jump to search
(StriderTol Bot insert)
 
(StriderTol Bot change)
Line 16: Line 16:


=Text=
=Text=
{{#Wiki_filter:March 10, 2021 SECURITY ADVISORY FOR POWER REACTORS, INCLUDING THOSE UNDER CONSTRUCTION; NONPOWER PRODUCTION AND UTILIZATION FACILITIES; DECOMMISSIONING REACTORS, INCLUDING THOSE THAT ARE PERMANENTLY DEFUELED BUT HAVE NOT TRANSITIONED TO DECOMMISSIONING; FUEL FABRICATION, ENRICHMENT, AND CONVERSION/DECONVERSION FACILITIES; INDEPENDENT SPENT FUEL STORAGE INSTALLATIONS; LICENSEES POSSESSING SPECIAL NUCLEAR MATERIAL UNDER TITLE 10 OF THE CODE OF FEDERAL REGULATIONS PART 70; LICENSEES REGULATED UNDER TITLE 10 OF THE CODE OF FEDERAL REGULATIONS PART 37; AND ALL RADIATION CONTROL PROGRAM DIRECTORS AND STATE LIAISON OFFICERS SA 2021-05
{{#Wiki_filter:}}
 
==SUBJECT:==
SITUATIONAL AWARENESSMICROSOFT EXCHANGE SERVER VULNERABILITIES The U.S. Nuclear Regulatory Commission (NRC) is issuing this security advisory to provide situational awareness to its licensees and Agreement States. On March 3, 2021, the U.S.
Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) published Alert AA21-062A, Mitigate Microsoft Exchange Server Vulnerabilities (https://us-cert.cisa.gov/ncas/alerts/aa21-062a), which describes several identified vulnerabilities in Microsoft Exchange Server products. Successful exploitation of these vulnerabilities allows an unauthenticated attacker to execute arbitrary code on vulnerable Microsoft Exchange Server products, enabling the attacker to gain persistent system access, as well as access to files and mailboxes on the server and to credentials stored on that system.
While the NRC is not aware of specific threats to exploit this vulnerability targeting NRC-regulated activities, CISA partners have observed active exploitation of these vulnerabilities.
The CISA alert discusses tactics, techniques, and procedures and the indicators of compromise associated with this malicious activity, as well as mitigative actions. The NRC recommends that all addressees review the CISA alert and associated releases (https://www.cisa.gov/publication/mitigate-microsoft-exchange-premise-product-vulnerabilities),
and take mitigative actions as appropriate, in accordance with applicable licensee cybersecurity plans and procedures.
Suspicious activity reporting is important to the U.S. Governments security mission. The NRC encourages its licensees to remain vigilant and report cyber-related suspicious activity to CISA.
Licensees subject to Title 10 of the Code of Federal Regulations (10 CFR) 73.54, Protection of digital computer and communication systems and networks, are reminded of their obligation to report to the NRC certain cyber-related events under 10 CFR 73.77, Cyber security event notifications.
 
If you have any questions concerning this advisory, contact the technical point of contact below.
Backfit Analysis Statement: This security advisory does not amend or impose new requirements or constitute a new or different regulatory staff position interpreting Commission rules and, therefore, does not constitute backfitting as defined in 10 CFR 50.109, Backfitting, or 10 CFR 70.76, Backfitting, or 10 CFR 72.62, Backfitting. Consequently, the staff did not perform a backfit analysis.
Paperwork Reduction Act Statement: This security advisory does not contain information collections and, therefore, is not subject to the requirements of the Paperwork Reduction Act of 1995 (Title 44 of the United States Code, Section 3501, et seq.).
Approved by:  /RA____________________
Sabrina D. Atack, Director Division of Security Operations Office of Nuclear Security and Incident Response Technical
 
==Contact:==
Brian Yip, NSIR 301-415-3154 brian.yip@nrc.gov 2
 
ML21064A380 OFFICE NSIR/DSO/SOSB QTE                    NSIR/DSO/SOSB NSIR/DSO/ILTAB NAME BYip              KAzariah-Kribbs    TKeene        JWhitney for RRichardson DATE    03/05/2021      03/05/2021          03/08/2021    03/08/2021 OFFICE NSIR/DPCP/CSB NSIR/DSO              NSIR/DPR      NSIR/DPCP NAME JBeardsley        SAtack              KBrock        SHelton DATE    03/08/2021      03/08/2021          03/08/2021    03/08/2021 OFFICE NRR/DRO          NRR/DNRL            NRR/DANU      NMSS/DUWP NAME GSuber for        RCaldwell for      MShams        PHolahan CMiller        ABradford DATE    03/08/2021      03/08/2021          03/08/2021    03/08/2021 OFFICE NMSS/DFM        NMSS/MSST          OGC          NSIR:OD NAME CRegan for        KWilliams          NStAmour      MGavrilas AKock DATE    03/08/2021      03/08/2021          03/09/2021    03/09/2021 OFFICE NSIR/DSO NAME SAtack DATE    03/10/2021}}

Revision as of 01:22, 18 January 2022

Security Advisory 2021-05, Situational Awareness - Microsoft Exchange Server Vulnerabilities
ML21064A380
Person / Time
Issue date: 03/10/2021
From: Sabrina Atack
Division of Security Operations
To:
Yip B
References
SA 2021-05
Download: ML21064A380 (3)
v  d  e


Text

Retrieved from "https://kanterella.com/w/index.php?title=ML21064A380&oldid=3399173"