CISA publishes best practices security guide on Microsoft Exchange servers, following August emergency directive

The Cybersecurity and Infrastructure Security Agency has released a blueprint with the National Security Agency and international partners outlining best practices for Microsoft Exchange servers using zero trust practices, following an August emergency directive on a vulnerability affecting the server’s hybrid configuration.

The best practices guide serves to “encourage people to understand the continuous evolving nature of the threat, but also enable defenders with some specific tools and recommendations they can take action with,” CISA cyber chief Nick Andersen...