PSA: It’s 10PM, Do You Know Where Your Lync Servers Are?
Summary
This article highlights the persistent presence and potential security risks associated with Microsoft Lync servers in external network engagements. The author notes finding Lync servers on all recent external assessments, indicating they remain an overlooked attack surface.
IFF Assessment
FOE
The article identifies an overlooked and potentially vulnerable server type that attackers can leverage, posing a risk to defenders.
Defender Context
Defenders should be aware that legacy systems like Microsoft Lync may still be present in their environments and could be unpatched or misconfigured. Regularly auditing for and securing these types of servers is crucial to prevent potential exploitation.