News Flash

Federal Government

Posted on: March 15, 2021

CISA Issues Emergency Directive

The Cybersecurity and Infrastructure Security Agency (CISA) partners have observed active exploitation of vulnerabilities in Microsoft Exchange on-premises products. Please review CISA issued ED 21-02 for Microsoft Exchange on-premises products to update or disconnect the products from their networks until updated with the Microsoft patch.

The seriousness of this vulnerability cannot be overstated; the exploitation of it is widespread and is indiscriminate. This vulnerability is already being actively exploited in many thousands of systems and could allow criminal actors to engage in acts threatening to the continuity of operations, such as ransomware, even after patching Microsoft Exchange.

 Everyone using Microsoft Exchange on-premise products needs to immediately: 

  • Check for signs of compromise;
  • If evidence of compromise is found, assume that your organization's network identity has been compromised and begin incident response procedures;
  • Patch Microsoft Exchange with the vendor released patches;
  • If unable to patch immediately or remove the Microsoft Exchange from the network immediately, CISA strongly recommends following alternative mitigations found in Microsoft's blog on Exchange Server Vulnerabilities Mitigations. This should not be taken as an adequate solution for patching. 

Please immediately speak with your IT officials to determine what steps your organization has taken, and if your organization does not have the technical capability to verify network integrity, please consider bringing in a third party to assist you as soon as possible.


Contact: Paul Penna, Legislative Analyst, ppenna@njlm.org, 609 695-3481, x110.

Facebook Twitter Email

Other News in Federal Government

ARP Reporting Requirement Change

Posted on: October 1, 2021

Utilizing Federal Funds? Tell Us How!

Posted on: October 1, 2021

Oct; 1: Federal Budget Update

Posted on: October 1, 2021

National Flood Insurance Program

Posted on: September 24, 2021

Sept. 24 Federal Budget Update

Posted on: September 24, 2021

Census Bureau Releases Data

Posted on: August 13, 2021

Infrastructure Update

Posted on: July 2, 2021

DLGS Posts Portal for ARP Funding

Posted on: June 14, 2021

Shuttered Venue Operator Grants

Posted on: April 30, 2021

American Rescue Plan Update

Posted on: March 26, 2021

American Rescue Plan Signed Into Law

Posted on: March 15, 2021

Congressional Activity on SALT Deduction

Posted on: February 1, 2021

Larger Stimulus Checks Unlikely

Posted on: January 4, 2021

Spending Updates

Posted on: December 14, 2020

National Flood Insurance Program

Posted on: September 24, 2021