Exchange Archives - Page 3 of 4

CISA publishes reports on DearCry ransomware and China Chopper Web Shell malware linked to Exchange Server exploits (update-2)

Cybersecurity Attacks, Malware, Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / April 13, 2021 / China Chopper, CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065, DearCry, Exchange, Microsoft, web shell

The Cybersecurity and Infrastructure Security Agency (CISA) has published reports on DearCry ransomware and China Chopper Web Shell malware linked to recent Exchange Server exploits. Attackers can use this malware to further compromise on-premise Microsoft Exchange servers and launch other attacks.

CISA publishes reports on DearCry ransomware and China Chopper Web Shell malware linked to Exchange Server exploits (update-2) Read More »

Microsoft: New analysis of Exchange Server vulnerabilities and cyberattacks

Cybersecurity Articles, Cybersecurity Attacks, Security Monitoring, Vulnerabilities & Exploits / Frank Crast / March 30, 2021 / Cyberattack, DoejoCrypt, Egregor, Exchange, HAFNIUM, Lemon Duck, Maze, Microsoft, Pydomer

Microsoft has published new detailed analysis of Exchange Server vulnerabilities, cybercriminal groups and post-compromise second stage attack malware. In addition, the tech giant offered sound mitigation guidance.

Microsoft: New analysis of Exchange Server vulnerabilities and cyberattacks Read More »

Cybersecurity experts warn exploits grow ten-fold after Exchange Server zero-day vulnerabilities revealed

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / March 15, 2021 / CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065, Exchange, IIS, Microsoft, Zero-day

Cybersecurity experts are warning exploits against organizations worldwide have grown ten-fold after recent Microsoft Exchange Server zero-day vulnerabilities known as “ProxyLogon” were revealed.

Cybersecurity experts warn exploits grow ten-fold after Exchange Server zero-day vulnerabilities revealed Read More »

FBI and CISA issue urgent joint cybersecurity advisory on Exchange server hacks

Messaging Security, Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / March 11, 2021 / CISA, CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065, Exchange, FBI, Zero-day

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have issued an urgent joint cybersecurity advisory on the Microsoft Exchange vulnerability exploits, collectively known as “ProxyLogon.”

FBI and CISA issue urgent joint cybersecurity advisory on Exchange server hacks Read More »

Microsoft March 2021 Security Updates, fixes for 14 Critical bugs

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / March 10, 2021 / Azure, CVE-2021-26411, CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-26897, CVE-2021-27065, DNS, DNS Server, Exchange, Git, HEVC, Hyper-V, Office, OpenType, Visual Studio, Windows

Microsoft has released the March 2021 Security updates that includes patches for 89 vulnerabilities, 14 of those rated Critical. The fixes follow just after the tech giant released emergency patched for Exchange flaws being exploited in the wild.

Microsoft March 2021 Security Updates, fixes for 14 Critical bugs Read More »

Microsoft releases emergency patches for Exchange Server RCE vulnerabilities exploited in the wild (Updated)

Cybersecurity Attacks, Messaging Security, Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / March 8, 2021 / CVE-2021-26855, Cybersecurity, Cybersecurity Threat Center, Exchange, Exchange Server, Exploit, Microsoft, Vulnerabilities

Microsoft has released emergency out-of-band security updates to fix multiple Critical vulnerabilities impacting Microsoft Exchange Server 2013, 2016 and 2019, collectively known as “ProxyLogon.” The tech giant also published interim mitigations if organizations can not patch immediately, as well as an IOC detection tool.

Microsoft releases emergency patches for Exchange Server RCE vulnerabilities exploited in the wild (Updated) Read More »

Microsoft December 2020 Security Updates

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / December 9, 2020 / Azure, ChakraCore, CVE-2020-17095, CVE-2020-17117, CVE-2020-17118, CVE-2020-17131, CVE-2020-17132, CVE-2020-17152, Dynamics, Edge, Exchange, Office, Visual Studio, Windows

Microsoft has released the December 2020 Security updates that includes patches for 58 vulnerabilities, 9 of them rated Critical.

Microsoft December 2020 Security Updates Read More »

Chinese threat actors targeting U.S. government agencies and these 4 CVEs

Cybersecurity Articles, Cybersecurity Attacks, Vulnerabilities & Exploits / Frank Crast / September 15, 2020 / BIG-IP, Citrix, CVE-2019-11510, CVE-2019-19781, CVE-2020-0688, CVE-2020-5902, DHS, Exchange, F5, Microsoft, MSS, Pulse Secure, VPN

Chinese Ministry of State Security (MSS)-affiliated cyber threat actors are targeting U.S. government agencies, as well as exploiting four popular vulnerabilities over the past 12 months.

Chinese threat actors targeting U.S. government agencies and these 4 CVEs Read More »

Microsoft February 2019 patch updates

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / February 13, 2019 / CVE-2019-0686, Exchange, Microsoft, Windows

Microsoft issued the February 2019 Security Updates that include nearly 74 unique vulnerability fixes, 20 of them rated critical.

Microsoft February 2019 patch updates Read More »

Microsoft issues new advisory for “PrivExchange” vulnerability

Messaging Security, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / February 6, 2019 / EWS, Exchange, PrivExchange

Microsoft has released a new security advisory for an Elevation of Privilege vulnerability “PrivExchange” that impacts multiple versions of Microsoft Exchange Server.

Microsoft issues new advisory for “PrivExchange” vulnerability Read More »