<div dir="ltr"><div dir="ltr">On Fri, Mar 5, 2021 at 4:26 PM Eric Kuhnke <<a href="mailto:eric.kuhnke@gmail.com">eric.kuhnke@gmail.com</a>> wrote:<br></div><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div>ISPs/NSPs with customers running self hosted or on-premises Exchange may want to be aware of this.</div><div><br></div><div><br></div><div><a href="https://krebsonsecurity.com/2021/03/at-least-30000-u-s-organizations-newly-hacked-via-holes-in-microsofts-email-software/" target="_blank">https://krebsonsecurity.com/2021/03/at-least-30000-u-s-organizations-newly-hacked-via-holes-in-microsofts-email-software/</a></div><div><br></div><div><a href="https://www.microsoft.com/security/blog/2021/03/02/hafnium-targeting-exchange-servers/" target="_blank">https://www.microsoft.com/security/blog/2021/03/02/hafnium-targeting-exchange-servers/</a></div></div></blockquote><div><br></div><div>Yes, and CISA released an alert and an emergency directive.</div><div><br></div><div><a href="https://us-cert.cisa.gov/ncas/current-activity/2021/03/03/cisa-issues-emergency-directive-and-alert-microsoft-exchange">https://us-cert.cisa.gov/ncas/current-activity/2021/03/03/cisa-issues-emergency-directive-and-alert-microsoft-exchange</a><br></div><div><br></div><div><br></div><div> </div></div></div>