Trusted by more than 2500 companies with over 5 million users
16 11, 2021

Microsoft Exchange Server Security – November 2021 Updates

2021-12-01T11:56:25-05:00In The News, Microsoft Exchange|

The November 2021 security updates for Exchange Server address vulnerabilities reported by security partners and found through Microsoft’s internal processes. We are aware of limited targeted attacks in the wild using one of vulnerabilities (CVE-2021-42321), which is a post-authentication vulnerability in Exchange 2016 and 2019. Our recommendation is to install these updates immediately to protect your environment. For convenience, [...]

Read More
24 09, 2021

Notes From the Field: Brute Force password attack causes massive Active Directory lockout at hospital

2021-10-14T08:48:21-04:00Blog, Exchange Security, OWA Security|

Early in the morning, a sudden spike in calls to the helpdesk for password resets and releases swamped IT-support staff at a hospital network. User accounts were under attack and Active Directory lockouts were spreading fast. Together we installed Messageware Exchange Protocol Guard (EPG) to look in detail at Outlook Web and immediately two things [...]

Read More
10 09, 2021

Notes From the Field: Government agency stolen passwords bypass 2FA Security

2021-10-14T06:09:15-04:00Blog, Exchange Security, OWA Security|

The UK's National Cyber Security Centre (NCSC) is warning that criminals are looking to exploit the trend toward home office (Coronavirus) to conduct cyberattacks and hacking campaigns. These ‘phishing’ attempts have been seen in several countries and can lead to significant losses: financial, reputational, and sensitive data. And no one is immune —as you'll read [...]

Read More
24 08, 2021

Bots Automatically Target Credit Union’s Exchange Servers With Password Spray Attacks

2021-08-24T10:32:32-04:00Exchange Security, OWA Security|

Exchange Server Hacks: Notes From The Field Cybersecurity is a top concern for everyone in the banking and financial sectors, and credit unions are no exception. The speed at which bots discover and target internet-facing Exchange Servers underscores the need for a variety of security solutions to minimize attack surfaces. In our fifth and final [...]

Read More
20 07, 2021

Microsoft Exchange – Messageware Q2 2021 Newsletter

2021-07-20T09:06:43-04:00News|

The first half of 2021 has been a very challenging period for everyone with Microsoft Exchange Servers. Numerous zero-day attacks and hackers adjusting published code to work-around emergency patches stretched messaging team resources to the limit. Of interest during this period was the increased recognition that we want to know more about what is affecting [...]

Read More
17 07, 2021

Exchange Protocol Guard – Software Release – EPG 3.6.1

2021-08-24T10:24:35-04:00In The News, Microsoft Exchange|

Software Release - EPG 3.6.1 The following updates are now available now EPG 3.6.1  customers and trial users. Messageware EPG 2019 v3.6.1 Messageware EPG 2016 v3.6.1 Messageware EPG 2013 v3.6.1 Note: Prior to upgrading from 3.5 or earlier, make note of all entries in IP Filtering menu - Allow Lists tab. These IPs will need [...]

Read More
25 06, 2021

Microsoft Exchange Server Build Numbers and Release Dates

2021-07-13T10:59:30-04:00Microsoft Exchange|

You can use the information in this article to verify the version of Exchange that is running in your organization. This article is organized in sections that correspond to the major releases of Exchange. Each section lists build numbers for each Service Pack (SP), Cumulative Update (CU), Security Update (SU), or Update Rollup (RU) of [...]

Read More
25 06, 2021

Timeline of Microsoft Exchange Server Zero-Day attacks

2021-06-25T08:49:29-04:00Exchange Security|

June 8, 2021 - Microsoft June 2021 Patch Tuesday: 50 vulnerabilities patched, six zero-days exploited in the wild Six out of seven zero-days are being actively used in cyberattacks. ... Microsoft June 2021 Patch Tuesday: 50 vulnerabilities patched, six zero-days ... Last month, Microsoft resolved 55 security flaws, four of which were deemed critical in ... flaws. .… [Read More] May 24, 2021 - [...]

Read More
22 06, 2021

Healthcare Provider Adds OWA SendTo / MailTo Functionality for Microsoft 365 with Citrix Profiles

2021-07-27T11:32:16-04:00Outlook Web|

  Microsoft 365 | Exchange Server: Notes From the Field In this edition of notes from the field, we share how a large Healthcare Provider was caught by surprise when they discovered that Microsoft 365 and Outlook Web broke their ability to email vital documents from their Human Resources intranet portal. In this case, the portal [...]

Read More
20 06, 2021

Telco Adds Exchange Server Protocol Guard to Prevent AD Lockouts Caused by 2FA Login Software

2021-07-27T11:32:24-04:00Blog, Exchange Security, OWA Security|

Exchange Server: Notes From the Field This case involves attacks at a division of a large Telco with a strong IT team operating more than sixty on-premises servers and mandated 2FA security solution for divisions managing their own Exchange Servers. And then … several incidents lead one Division’s security team to discover that password guessing [...]

Read More