Exchange Server
Microsoft Exchange vulnerability actively exploited
One of Microsoft’s Patch Tuesday fixes has flipped from “Likely to be Exploited” to “Exploitation Detected”.
Read moreObserving OWASSRF Exchange Exploitation… still
Credit to Author: Angela Gunn| Date: Wed, 15 Mar 2023 16:45:56 +0000
ProxyNotShell continues to make waves as November 2022 fixes fail to contain SSRF tactic
Read moreTwo Exchange Server vulns veer dangerously close to ProxyShell
Credit to Author: Angela Gunn| Date: Mon, 03 Oct 2022 22:03:02 +0000
A chained pair of vulnerabilities, plus PowerShell, affects the Microsoft messaging platform well in advance of Patch Tuesday; Sophos customers are protected
Read moreAnalyzing attacks using the Exchange vulnerabilities CVE-2022-41040 and CVE-2022-41082
Credit to Author: Katie McCafferty| Date: Sat, 01 Oct 2022 04:21:00 +0000
MSTIC observed activity related to a single activity group in August 2022 that achieved initial access and compromised Exchange servers by chaining CVE-2022-41040 and CVE-2022-41082 in a small number of targeted attacks.
The post Analyzing attacks using the Exchange vulnerabilities CVE-2022-41040 and CVE-2022-41082 appeared first on Microsoft Security Blog.
Read moreMalicious OAuth applications abuse cloud email services to spread spam
Credit to Author: Microsoft 365 Defender Threat Intelligence Team| Date: Thu, 22 Sep 2022 16:00:00 +0000
Microsoft discovered an attack where attackers installed a malicious OAuth application in compromised tenants and used their Exchange Online service to launch spam runs.
The post Malicious OAuth applications abuse cloud email services to spread spam appeared first on Microsoft Security Blog.
Read moreMalicious OAuth applications used to compromise email servers and spread spam
Credit to Author: Microsoft 365 Defender Threat Intelligence Team| Date: Thu, 22 Sep 2022 16:00:00 +0000
Microsoft discovered an attack where attackers installed a malicious OAuth application in compromised tenants and used their Exchange servers to launch spam runs.
The post Malicious OAuth applications used to compromise email servers and spread spam appeared first on Microsoft Security Blog.
Read moreYou only have nine months to ditch Exchange Server 2013
Credit to Author: Pieter Arntz| Date: Mon, 27 Jun 2022 19:51:07 +0000
Microsoft posted a reminder that Exchange Server 2013 is destined to reach end of support very, very soon.
The post You only have nine months to ditch Exchange Server 2013 appeared first on Malwarebytes Labs.
Read more