The Ms Exchange hack is obviously a mess. We have been fortunate in that almost all interfaces to our exchange server have isolated from the outside. The only one, which is now shut-off, was the activesync connection through our pulse secure box.
Is there any sense of level of exposure that the activesync connection presented with the Hafnium hack? Using the microsoft and other scripts, we don't appear to have any symptoms of Indications of Compromise (IOC). However we talked about it internally, and cannot judge the nature of the exposure we had with the pulse secure ativesync connection.
Does anyone have thoughts in this regard?