Microsoft Exchange Archives - Page 4 of 5

Pierluigi Paganini March 21, 2021

Microsoft Defender can now protect servers against ProxyLogon attacks

Microsoft announced that its Defender Antivirus and System Center Endpoint Protection now protects users against attacks exploiting Exchange Server vulnerabilities. Microsoft announced this week that Defender Antivirus and System Center Endpoint Protection now provide automatic protection against attacks exploiting the recently disclosed ProxyLogon vulnerabilities in Microsoft Exchange. “Today, we have taken an additional step to […]

Pierluigi Paganini March 16, 2021

Microsoft releases On-premises Mitigation Tool (EOMT) tool to fix ProxyLogon issues

Microsoft released an Exchange On-premises Mitigation Tool (EOMT) tool to small businesses for the fix of ProxyLogon vulnerabilities. On March 2nd, Microsoft released emergency out-of-band security updates that address four zero-day issues (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065) in all supported MS Exchange versions that are actively exploited in the wild. The IT giant reported that at least one […]

Pierluigi Paganini March 16, 2021

Is there a link between Microsoft Exchange exploits and PoC code the company shared with partner security firms?

Microsoft is reportedly investigating whether the recent attacks against Microsoft Exchange servers could be linked to information leaked by a partner security firm. According to a report published by The Wall Street Journal, Microsoft is investigating whether the threat actors behind the recent wave of attacks on Microsoft Exchange servers worldwide may have obtained sensitive […]

Pierluigi Paganini March 15, 2021

ProxyLogon Microsoft Exchange exploit is completely out of the bag by now

A security researcher released a new PoC exploit for ProxyLogon issues that could be adapted to install web shells on vulnerable Microsoft Exchange servers. A security researcher has released a new proof-of-concept exploit that could be adapted to install web shells on Microsoft Exchange servers vulnerable ProxyLogon issues. Since the disclosure of the flaw, security […]

Pierluigi Paganini March 15, 2021

NCSC is not aware of ransomware attacks compromising UK orgs through Microsoft Exchange bugs

The UK’s National Cyber Security Centre (NCSC) urges UK organizations to install the patches for the recently disclosed vulnerabilities in Microsoft Exchange. The UK’s National Cyber Security Centre is urging UK organizations to install security patches for their Microsoft Exchange installs. The UK agency revealed to have helped UK organisations to secure their installs, around […]

Pierluigi Paganini March 12, 2021

Researchers warn of a surge in cyber attacks against Microsoft Exchange

Researchers warn of a surge in cyber attacks against Microsoft Exchange servers exploiting the recently disclosed ProxyLogon vulnerabilities. Researchers at Check Point Research team reported that threat actors are actively exploiting the recently disclosed ProxyLogon zero-day vulnerabilities in Microsoft Exchange. On March 2nd, Microsoft released emergency out-of-band security updates that address four zero-day issues (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065) […]

Pierluigi Paganini March 11, 2021

Expert publishes PoC exploit code for Microsoft Exchange flaws

This week a security researcher published on GitHub a proof-of-concept tool to hack Microsoft Exchange servers chaining two of ProxyLogon flaws. On March 2nd, Microsoft has released emergency out-of-band security updates that address four zero-day issues (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065) in all supported Microsoft Exchange versions that are actively exploited in the wild. The IT giant […]

Pierluigi Paganini March 11, 2021

Hackers stole data from Norway parliament exploiting Microsoft Exchange flaws

Norway parliament, the Storting, has suffered a new cyberattack, hackers stole data by exploiting recently disclosed Microsoft Exchange vulnerabilities. Norway ‘s parliament, the Storting, was hit by a new cyberattack, threat actors stole data exploiting the recently disclosed vulnerabilities in Microsoft Exchange, collectively tracked as ProxyLogon. On March 2nd, Microsoft has released emergency out-of-band security updates that […]

Pierluigi Paganini March 08, 2021

Hackers compromised Microsoft Exchange servers at the EU Banking Regulator EBA

The European Banking Authority (EBA) disclosed a cyberattack that resulted in the hack of its Microsoft Exchange email system. The European Banking Authority announced that it was the victim of a cyber attack against its email system that exploited recently disclosed zero-day vulnerabilities in Microsoft Exchange. On March 2nd, Microsoft has released emergency out-of-band security updates that […]

Pierluigi Paganini March 08, 2021

Microsoft updated MSERT to detect web shells used in attacks against Microsoft Exchange installs

Microsoft updated its Microsoft Safety Scanner (MSERT) tool to detect web shells employed in the recent Exchange Server attacks. Early this month, Microsoft has released emergency out-of-band security updates that address four zero-day issues (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065) in all supported Microsoft Exchange versions that are actively exploited in the wild. The IT giant reported that […]