Trusted by more than 2500 companies with over 5 million users

CISA Publishes Mitigation Techniques Against Exchange Server Attacks

In response to the recent targeting of critical infrastructure in the US and abroad, the Cybersecurity and Infrastructure Security Agency (CISA) urges network and security administrators to prepare and immediately mitigate potential cyber threats with the following measures. Implement and apply backup and recovery policies and procedures: Maintain offline backups of data Regularly test backup and restoration Ensure [...]

CISA Publishes Mitigation Techniques Against Exchange Server Attacks2023-09-13T10:31:00-04:00

Nemesis Kitten targets Exchange Server for Attacks

Microsoft Security Threat Intelligence has been tracking multiple ransomware campaigns by a group known as DEV-0270 who also goes by the alias Nemesis Kitten. Who is DEV-0270? DEV-0270, a sub-group of the Iranian threat actor known as PHOSPHORUS, are known for leveraging newly disclosed vulnerabilities against their targets. If successful, the group contacts the victim [...]

Nemesis Kitten targets Exchange Server for Attacks2022-12-27T07:20:19-05:00

Microsoft Exchange Server Security: The 10 Best Ways to Secure Your Server

Security breaches cause organizational chaos, financial and reputation risk. Given how organizations have shifted to a hybrid of in-office and work-from-home, there is a significant increase in the security threat landscape, and it’s more important than ever to improve and harden Exchange Server security. These best practices help provide a baseline security framework that all [...]

Microsoft Exchange Server Security: The 10 Best Ways to Secure Your Server2024-11-12T05:37:17-05:00

Microsoft August 2022 Patch Tuesday: Exchange Server vulnerabilities fixed

Microsoft has released security updates (SUs) for vulnerabilities found in: Exchange Server 2013 Exchange Server 2016 Exchange Server 2019 The SUs address vulnerabilities responsibly reported to Microsoft by security partners and found through Microsoft’s internal processes. Although we are not aware of any active exploits in the wild, our recommendation is to immediately install these updates to [...]

Microsoft August 2022 Patch Tuesday: Exchange Server vulnerabilities fixed2023-04-24T06:56:38-04:00

IceApple exploit framework targeting Microsoft Exchange servers

Stealthy, “highly sophisticated” post-exploitation framework used for data exfiltration likely the work of a state-sponsored threat actor. In late 2021, security researchers on CrowdStrike’s Falcon OverWatch team first detected a modular exploit targeting Microsoft Exchange Servers. Dubbed IceApple, the .NET-based framework has been observed in “distinct locations” and primarily directed toward entities in government, academic [...]

IceApple exploit framework targeting Microsoft Exchange servers2022-12-27T07:22:34-05:00

Microsoft March 2022 Patch Tuesday: 2 Exchange Server vulnerabilities fixed

The March 2022 SUs for Exchange Server address vulnerabilities responsibly reported by security partners and found through Microsoft’s internal processes. Although we are not aware of any active exploits in the wild, our recommendation is to install these updates immediately. These vulnerabilities affect on-premises Exchange Server, including servers used by customers in Exchange Hybrid mode. Exchange [...]

Microsoft March 2022 Patch Tuesday: 2 Exchange Server vulnerabilities fixed2022-06-01T12:18:47-04:00

Brute Force password attack causes massive disruption at hospital

Early in the morning, a sudden spike in calls to the helpdesk for password resets and releases swamped IT-support staff at a hospital network. User accounts were under attack and Active Directory lockouts were spreading fast. Together we installed Messageware Exchange Protocol Guard (EPG) to look in detail at Outlook Web and immediately two things [...]

Brute Force password attack causes massive disruption at hospital2023-09-19T10:29:34-04:00

Notes From the Field: Government agency stolen passwords bypass 2FA Security

The UK's National Cyber Security Centre (NCSC) is warning that criminals are looking to exploit the trend toward home office (Coronavirus) to conduct cyberattacks and hacking campaigns. These ‘phishing’ attempts have been seen in several countries and can lead to significant losses: financial, reputational, and sensitive data. And no one is immune —as you'll read [...]

Notes From the Field: Government agency stolen passwords bypass 2FA Security2023-04-24T06:53:38-04:00

Bots Automatically Target Credit Union’s Exchange Servers With Password Spray Attacks

Exchange Server Hacks: Notes From The Field Summary: In this article we look at how bots targeting a credit union's Exchange Servers with password spray attacks caused AD account lockouts. Cybersecurity is a top concern for everyone in the banking and financial sectors, and credit unions are no exception. The speed at which bots discover [...]

Bots Automatically Target Credit Union’s Exchange Servers With Password Spray Attacks2023-09-21T03:01:29-04:00

Timeline of Microsoft Exchange Server Zero-Day attacks

June 8, 2021 - Microsoft June 2021 Patch Tuesday: 50 vulnerabilities patched, six zero-days exploited in the wild Six out of seven zero-days are being actively used in cyberattacks. ... Microsoft June 2021 Patch Tuesday: 50 vulnerabilities patched, six zero-days ... Last month, Microsoft resolved 55 security flaws, four of which were deemed critical in ... flaws. .… [Read More] May 24, 2021 - [...]

Timeline of Microsoft Exchange Server Zero-Day attacks2022-11-10T12:12:37-05:00

Telco Adds Exchange Server Protocol Guard to Prevent Account Lockouts Caused by 2FA Login Software

Exchange Server: Notes From the Field This case involves attacks at a division of a large Telco with a strong IT team operating more than sixty on-premises servers and mandated 2FA security solution for divisions managing their own Exchange Servers. And then … several incidents lead one Division’s security team to discover that password guessing [...]

Telco Adds Exchange Server Protocol Guard to Prevent Account Lockouts Caused by 2FA Login Software2023-09-07T10:31:07-04:00

Disgruntled ex-employee attacks Exchange Server with Outlook Mobile from their BYOD device

Exchange Server: Notes from the Field Support staff in a large manufacturing company were experiencing a sudden increase in the number of calls dealing with Active Directory user account lockouts and email password resets. The Exchange Server messaging group reached out to us for help. Together we installed Exchange Protocol Guard (EPG) to find out [...]

Disgruntled ex-employee attacks Exchange Server with Outlook Mobile from their BYOD device2023-04-24T06:54:36-04:00

Rethinking BYOD Security with Exchange Outlook Web

We're living in a world of anywhere access where distinction between work and home life has blurred. Employees are requesting, no, demanding access corporate applications, data and resources from virtually anywhere and on almost any device. And your IT team is under immense pressure to provide end users with remote secure access to corporate resources–but at [...]

Rethinking BYOD Security with Exchange Outlook Web2019-08-24T01:02:03-04:00

7 Ways to Secure Sensitive Corporate Data Crossing the Border

Recently, The New York Times ran an article warning travelers to exercise the same degree of security over data on mobile devices as they would in protecting themselves from muggers. The warning comes in the wake of increased pressure by foreign and domestic governments for travelers to hand over devices and passwords because border agents [...]

7 Ways to Secure Sensitive Corporate Data Crossing the Border2022-06-06T05:44:15-04:00

Is Your Microsoft Outlook Web Secure?

This article covers how to secure Outlook Web Access (OWA). It discusses the risks of leaving OWA sessions open and how to test for vulnerabilities. We’ll cover risks users should be aware of and steps to mitigate them. Nowadays employees are mobile and constantly connected; the traditional work environment has expanded beyond the physical office walls to include coffee shops, airports, and [...]

Is Your Microsoft Outlook Web Secure?2024-10-29T05:42:01-04:00