Cybersecurity Starts in the Boardroom
On-premises Exchange servers are still out there and they make great targets for threat actors, especially those with unpatched flaws. There is a new PowerShell based malware called PowerExchange and being linked to an Iranian threat group APT34 that backdoors Microsoft Exchange servers. New PowerExchange malware backdoors Microsoft Exchange servers …
Continue reading “On-premises Exchange Server Vulnerability”
…if you run your own onsite Exchange server. Keeping onsite Exchange servers up to date and patched was a labour intensive task, when our support team used to do it – now we no longer support any on premise Exchange servers it is a relief for the team. But for …
Continue reading “I know why you cannot send email anymore…”
The US government Cybersecurity and Infrastructure Security Agency (CISA) is an excellent resource for keeping up with security advisories. Adobe and Microsoft Patch Tuesday are the latest advisories as well as additions to CISA’s Known Exploited Vulnerabilities Catalog. Both of these Microsoft exploits are addressed in the Microsoft Patch Tuesday …
There is an actively exploited zero-day flaw being reported, that Microsoft has not yet patched – so have a look at GTSC’s blog post: Warning: New attack campaign utilized a new 0-day RCE vulnerability on Microsoft Exchange Server | GTSC (gteltsc.vn) The post also includes some temporary mitigation whilst waiting …
Continue reading “Do you operate an Exchange Server? Is it patched and up to date?”
Microsoft has issued it’s monthly round of patches and updates, SANS Internet Storm Centre has a round-up here: Microsoft August 2022 Patch Tuesday – SANS Internet Storm Center This update addresses the DogWalk zero-day vulnerability. Here are the Microsoft release notes: August 2022 Security Updates – Release Notes – Security …
Continue reading “Yesterday was Patch Tuesday – Exchange server gets a special mention”
We live in a Microsoft world when it comes to business – and Microsoft Exchange, whether hosted or your own servers, by their very nature contain information that hacker love or are a way into an organisation. So they are always going to be a target: UNC3524: Eye Spy on …
The UK’s National Cyber Security Centre with it’s partners in the Five Eyes, has issued an advisory for the top exploited software vulnerabilities in 2021 – meaning they could continue being the top exploits in 2022. 2021 Top Routinely Exploited Vulnerabilities | CISA Microsoft Exchange server, VMware, SonicWall and Log4j …
