Zero-day attacks represent one of the most significant threats to Microsoft Exchange Servers. This post aims to provide Exchange administrators and security professionals with strategies to prepare for and defend against these unpredictable threats. Microsoft Exchange Server, being a critical component in enterprise communication infrastructure, is a primary target for hackers. Through-out 2023 and into [...]
Video summary: This video discusses high volume logon attacks (HVA) against Microsoft Exchange servers and Messageware Exchange Protocol Guard’s role in countering these attacks. https://www.youtube.com/watch?v=9blVda_IJIM Cybersecurity threats are becoming more sophisticated and relentless, especially for critical infrastructure like email servers. One such threat to be aware of is the high-volume logon attack (HVA), which targets [...]
Gaps in Multi-Factor Authentication (MFA) In this article, we will explore some of the drawbacks of MFA/2FA as a user security tool. Multi-Factor Authentication (MFA), also known as 2-Factor Authentication (2FA), has become an essential tool for protecting user accounts. It has become so ubiquitous, Microsoft has recently started enforcing it on all tenants by [...]
Microsoft Exchange is currently under threat due to four newly discovered zero-day vulnerabilities, which attackers can exploit remotely to execute arbitrary code or disclose sensitive information on affected installations. These vulnerabilities were disclosed by Trend Micro's Zero Day Initiative (ZDI) on September 7th and 8th, 2023. Despite their potential threat, Microsoft has chosen to delay [...]
Exchange Server Hacks: Notes From The Field Summary: In this article we look at how bots targeting a credit union's Exchange Servers with password spray attacks caused AD account lockouts. Cybersecurity is a top concern for everyone in the banking and financial sectors, and credit unions are no exception. The speed at which bots discover [...]
