This year Hafnium exploited Microsft Exchange vulnerabilities. Other cyberattackers are following suit. But if you're like most organizations, you simply do not have the resources to protect against attackers constantly probing and attempting to access your Exchange Servers. Or do you? Let me explain. Messageware EPG can be your first line of defence against attackers. [...]
Early in the morning, a sudden spike in calls to the helpdesk for password resets and releases swamped IT-support staff at a hospital network. User accounts were under attack and Active Directory lockouts were spreading fast. Together we installed Messageware Exchange Protocol Guard (EPG) to look in detail at Outlook Web and immediately two things [...]
The UK's National Cyber Security Centre (NCSC) is warning that criminals are looking to exploit the trend toward home office (Coronavirus) to conduct cyberattacks and hacking campaigns. These ‘phishing’ attempts have been seen in several countries and can lead to significant losses: financial, reputational, and sensitive data. And no one is immune —as you'll read [...]
Exchange Server Hacks: Notes From The Field Summary: In this article we look at how bots targeting a credit union's Exchange Servers with password spray attacks caused AD account lockouts. Cybersecurity is a top concern for everyone in the banking and financial sectors, and credit unions are no exception. The speed at which bots discover [...]
The first half of 2021 has been a very challenging period for everyone with Microsoft Exchange Servers. Numerous zero-day attacks and hackers adjusting published code to work-around emergency patches stretched messaging team resources to the limit. Of interest during this period was the increased recognition that we want to know more about what is affecting [...]
Software Release - EPG 3.6.1 The following updates are now available now EPG 3.6.1 customers and trial users. Messageware EPG 2019 v3.6.1 Messageware EPG 2016 v3.6.1 Messageware EPG 2013 v3.6.1 Note: Prior to upgrading from 3.5 or earlier, make note of all entries in IP Filtering menu - Allow Lists tab. These IPs will need [...]
June 8, 2021 - Microsoft June 2021 Patch Tuesday: 50 vulnerabilities patched, six zero-days exploited in the wild Six out of seven zero-days are being actively used in cyberattacks. ... Microsoft June 2021 Patch Tuesday: 50 vulnerabilities patched, six zero-days ... Last month, Microsoft resolved 55 security flaws, four of which were deemed critical in ... flaws. .… [Read More] May 24, 2021 - [...]
Microsoft 365 | Exchange Server: Notes From the Field In this edition of notes from the field, we share how a large Healthcare Provider was caught by surprise when they discovered that Microsoft 365 and Outlook Web broke their ability to email vital documents from their Human Resources intranet portal. In this case, the portal [...]
Exchange Server: Notes From the Field This case involves attacks at a division of a large Telco with a strong IT team operating more than sixty on-premises servers and mandated 2FA security solution for divisions managing their own Exchange Servers. And then … several incidents lead one Division’s security team to discover that password guessing [...]
Microsoft 365 | Exchange Server: Notes From the Field In this edition of notes from the field, we share how a Global Manufacturing company's messaging team was struggling to make Microsoft 365 a success. A single comment summarized the many challenges their Firstline workers were facing: "We've run into use cases where we are bumping [...]
Exchange Server: Notes from the Field Support staff in a large manufacturing company were experiencing a sudden increase in the number of calls dealing with Active Directory user account lockouts and email password resets. The Exchange Server messaging group reached out to us for help. Together we installed Exchange Protocol Guard (EPG) to find out [...]
Microsoft 365 | Exchange Server: Notes From the Field In this edition of notes from the field, we share how a Utility Provider running a Microsoft 365 pilot overcame complaints from field workers about the time required to complete and submit vital health and safety information with fillable Adobe Forms. The challenge came with the [...]
March has been a difficult month for everyone with Exchange Servers. The HAFNIUM attack has some damage estimates exceeding 100,000 servers. And while the initial attack goal was data theft (exfiltration), there are now reports that the attack has shifted to ransomware. Microsoft has released a new, one-click mitigation tool, Microsoft Exchange On-Premises Mitigation Tool (which includes Microsoft [...]
Microsoft 365 | Exchange Server: Notes From the Field In this edition of notes from the field, we share how Firstline Workers at a Global Outsourcing company were struggling to maintain a high level of customer service with Outlook Web after the company migrated to Microsoft 365 and Outlook Web. Microsoft does a great [...]
A quick update to keep everyone informed on important Microsoft Exchange security updates: May 11, 2021 – Microsoft Exchange Server vulnerability – this time it is a security feature bypass and is one of the Exchange vulnerabilities that was found during PWN2OWN 2021. Microsoft has rated this as Exploitation Less Likely on the latest software [...]
A quick update to keep everyone informed on important Microsoft Exchange security updates: April 13, 2021 – Microsoft released new and urgent security updates for Exchange server 2019, 2016, 2013 covering four Remote Code vulnerabilities: […]
Summary: In this article we discuss how to secure OWA, protect Outlook Web from DoS and brute force attacks, discuss what these attacks are, and how they can be prevented. We also look into automated brute force attacks and why setting an account lockout threshold can leave your Exchange Server vulnerable to DoS attacks. Last [...]
Its December & Good news is everywhere – the Holiday season is here, Microsoft just patched all versions of Exchange Servers, Vaccines are approved, and Messageware has officially released Exchange Protocol Guard 3.4, EPG! EPG 3.4 Security for Exchange Servers: This release includes our newest protection: LVA. LVA or Low-Volume Attacks are targeted persistent attacks [...]
Some good news – Messageware's quarterly newsletter is here, and surely that means 2020 is winding down… Server Security - Update: We enjoy when companies discuss Exchange Server attacks with us as it allows us to share their stories with you, and drives our product development. Recently, we had several investigations into brute-force attacks – [...]
