Exchange | Smart Thinking Solutions

25 April 202425 April 2024

Manage your security patching

Here are a couple of examples from the recent cyber-tech press of examples of software vulnerabilities that need patching… Promptly! Microsoft releases Exchange hotfixes for security update issues – BleepingComputer ArcaneDoor hackers exploit Cisco zero-days to breach govt networks – BleepingComputer The first illustrates that management is needed as not …

Continue reading “Manage your security patching”

4 April 20244 April 2024

More pain for Microsoft and something free for you

Hot on the heels of “New Outlook – Surveillance in the name of profit” comes a report from the US Government’s Homeland Security on how Microsoft handled the 2023 Exchange Online cyber attack. Microsoft still unsure how hackers stole MSA key in 2023 Exchange attack (bleepingcomputer.com) Whatever Microsoft says about …

Continue reading “More pain for Microsoft and something free for you”

14 December 202214 December 2022

December’s Microsoft Patch Tuesday

SANS Internet Storm Diary has a comprehensive report on Microsoft’s Patch Tuesday: Microsoft December 2022 Patch Tuesday – SANS Internet Storm Center Here is the Microsoft release page: December 2022 Security Updates – Release Notes – Security Update Guide – Microsoft The Microsoft report gives much more information on the …

Continue reading “December’s Microsoft Patch Tuesday”

12 October 202218 October 2022

Yesterday was Patch Tuesday for Microsoft

So, everyone knows what that means, for the users, slow internet connections as we all gather in those vital updates, for the administrators, checking what needs to be done and checking that it has happened – including checking that the users have not skipped the updates because they are too …

Continue reading “Yesterday was Patch Tuesday for Microsoft”

4 October 20224 October 2022

In-house Microsoft Exchange zero-day attack mitigation is not enough

It appears the mitigation that Microsoft has published for the vulnerabilities CVE-2022-41040 and CVE-2022-41082 is not enough: Microsoft Exchange server zero-day mitigation can be bypassed (bleepingcomputer.com) These vulnerabilities are being actively exploited and now the steps put in place to defend against the issue can be bypassed and others are …

Continue reading “In-house Microsoft Exchange zero-day attack mitigation is not enough”

Cookie	Duration	Description
IDE	1 year 24 days	Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.
test_cookie	15 minutes	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.