Pulse Security said over the past couple of weeks it has worked closely with the Cybersecurity and Infrastructure Security Agency (CISA) as well as FireEye and Stroz Friedberg to investigate and respond quickly to the malicious activity that was identified on its customers’ systems.
The tactic is sophisticated, with firewalls unlikely to block traffic between Exchange servers and potentially giving such traffic a pass in terms of content inspection.
The alert about new exchange bugs come soon after on-premises Exchange customers were told to patch against a campaign actively exploiting a zero-day vulnerability.
With a base of 400,000 clients, SAP chief information security officer said this of the alert: "We want them to be aware of what could be the art of the possible."