Exchange

Microsoft Urges Customers to Secure On-Premises Exchange Servers

Jan 28, 2023 by iHash Leave a Comment

Jan 28, 2023Ravie LakshmananEmail Security / Cyber Threat Microsoft is urging customers to keep their Exchange servers updated as well as take steps to bolster the environment, such as enabling Windows Extended Protection and configuring certificate-based signing of PowerShell serialization payloads. "Attackers looking to exploit unpatched Exchange servers are not going to go … [Read more...] about Microsoft Urges Customers to Secure On-Premises Exchange Servers

Ransomware Hackers Using New Way to Bypass MS Exchange ProxyNotShell Mitigations

Dec 21, 2022 by iHash Leave a Comment

Dec 21, 2022Ravie LakshmananEmail Security / Data Security Threat actors affiliated with a ransomware strain known as Play are leveraging a never-before-seen exploit chain that bypasses blocking rules for ProxyNotShell flaws in Microsoft Exchange Server to achieve remote code execution (RCE) through Outlook Web Access (OWA). "The new exploit method bypasses URL rewrite … [Read more...] about Ransomware Hackers Using New Way to Bypass MS Exchange ProxyNotShell Mitigations

Microsoft Issues Improved Mitigations for Unpatched Exchange Server Vulnerabilities

Oct 8, 2022 by iHash Leave a Comment

Microsoft on Friday disclosed it has made more improvements to the mitigation method offered as a means to prevent exploitation attempts against the newly disclosed unpatched security flaws in Exchange Server. To that end, the tech giant has revised the blocking rule in IIS Manager from ".*autodiscover\.json.*Powershell.*" to "(?=.*autodiscover\.json)(?=.*powershell)." The … [Read more...] about Microsoft Issues Improved Mitigations for Unpatched Exchange Server Vulnerabilities

State-Sponsored Hackers Likely Exploited MS Exchange 0-Days Against ~10 Organizations

Oct 1, 2022 by iHash Leave a Comment

Microsoft on Friday disclosed that a single activity group in August 2022 achieved initial access and breached Exchange servers by chaining the two newly disclosed zero-day flaws in a limited set of attacks aimed at less than 10 organizations globally. "These attacks installed the Chopper web shell to facilitate hands-on-keyboard access, which the attackers used to perform … [Read more...] about State-Sponsored Hackers Likely Exploited MS Exchange 0-Days Against ~10 Organizations

Favorable exchange rate on a fake cryptoexchange

Jul 5, 2022 by iHash Leave a Comment

Online scammers use all sorts of ways to separate cryptoinvestors from their prized bitcoin. They create fake news sites and promise helicopter money. They even post screenshots in Lightshot with “cryptowallet login credentials” — this being a trap for folks who have a weakness for other folks’ secrets and a free lunch. We recently uncovered a new scheme in which YouTube users … [Read more...] about Favorable exchange rate on a fake cryptoexchange

New ToddyCat Hacker Group on Experts’ Radar After Targeting MS Exchange Servers

Jun 21, 2022 by iHash Leave a Comment

An advanced persistent threat (APT) actor codenamed ToddyCat has been linked to a string of attacks aimed at high-profile entities in Europe and Asia since at least December 2020. The relatively new adversarial collective is said to have commenced its operations by targeting Microsoft Exchange servers in Taiwan and Vietnam using an unknown exploit to deploy the China Chopper … [Read more...] about New ToddyCat Hacker Group on Experts’ Radar After Targeting MS Exchange Servers

Hackers Hijack Email Reply Chains on Unpatched Exchange Servers to Spread Malware

Mar 28, 2022 by iHash Leave a Comment

A new email phishing campaign has been spotted leveraging the tactic of conversation hijacking to deliver the IcedID info-stealing malware onto infected machines by making use of unpatched and publicly-exposed Microsoft Exchange servers. "The emails use a social engineering technique of conversation hijacking (also known as thread hijacking)," Israeli company Intezer said in a … [Read more...] about Hackers Hijack Email Reply Chains on Unpatched Exchange Servers to Spread Malware

Microsoft Exchange Bug Exposes ~100,000 Windows Domain Credentials

Sep 23, 2021 by iHash Leave a Comment

An unpatched design flaw in the implementation of Microsoft Exchange's Autodiscover protocol has resulted in the leak of approximately 100,000 login names and passwords for Windows domains worldwide. "This is a severe security issue, since if an attacker can control such domains or has the ability to 'sniff' traffic in the same network, they can capture domain credentials in … [Read more...] about Microsoft Exchange Bug Exposes ~100,000 Windows Domain Credentials

Microsoft Exchange Under Attack With ProxyShell Flaws

Aug 22, 2021 by iHash Leave a Comment

The U.S. Cybersecurity and Infrastructure Security Agency is warning of active exploitation attempts that leverage the latest line of "ProxyShell" Microsoft Exchange vulnerabilities that were patched earlier this May, including deploying LockFile ransomware on compromised systems. Tracked as CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207, the vulnerabilities enable … [Read more...] about Microsoft Exchange Under Attack With ProxyShell Flaws

Attack on DEX exchange clients in Discord

Mar 26, 2021 by iHash Leave a Comment

Following recent scams involving fake cryptocurrency exchanges and fake news sites, we recently uncovered a third campaign, one using fake DEX exchanges and aimed at cryptocurrency enthusiasts on the Discord messaging app. Here’s how the new scheme works. A word about cryptocurrency exchanges First, what’s a DEX? Two types of cryptocurrency exchanges exist: centralized (CEX) … [Read more...] about Attack on DEX exchange clients in Discord

The All-In-One Microsoft Office Professional for Windows 2021 & The Premium Microsoft Office Training Bundle for $69

Scrivener 3: Award-Winning App for Writers (Windows) for $29

Roomie Sophie Smart Body Scale with Free App for $32

Leather AirTag Case – Black for $29

Leather AirTag Case – Tan for $29