Early in the morning, a sudden spike in calls to the helpdesk for password resets and releases swamped IT-support staff at a hospital network. User accounts were under attack and Active Directory lockouts were spreading fast. Together we installed Messageware Exchange Protocol Guard (EPG) to look in detail at Outlook Web and immediately two things [...]
The UK's National Cyber Security Centre (NCSC) is warning that criminals are looking to exploit the trend toward home office (Coronavirus) to conduct cyberattacks and hacking campaigns. These ‘phishing’ attempts have been seen in several countries and can lead to significant losses: financial, reputational, and sensitive data. And no one is immune —as you'll read [...]
Exchange Server Hacks: Notes From The Field Cybersecurity is a top concern for everyone in the banking and financial sectors, and credit unions are no exception. The speed at which bots discover and target internet-facing Exchange Servers underscores the need for a variety of security solutions to minimize attack surfaces. In our fifth and final [...]
The first half of 2021 has been a very challenging period for everyone with Microsoft Exchange Servers. Numerous zero-day attacks and hackers adjusting published code to work-around emergency patches stretched messaging team resources to the limit. Of interest during this period was the increased recognition that we want to know more about what is affecting [...]
Software Release - EPG 3.6.1 The following updates are now available now EPG 3.6.1 customers and trial users. Messageware EPG 2019 v3.6.1 Messageware EPG 2016 v3.6.1 Messageware EPG 2013 v3.6.1 Note: Prior to upgrading from 3.5 or earlier, make note of all entries in IP Filtering menu - Allow Lists tab. These IPs will need [...]
You can use the information in this article to verify the version of Exchange that is running in your organization. This article is organized in sections that correspond to the major releases of Exchange. Each section lists build numbers for each Service Pack (SP), Cumulative Update (CU), Security Update (SU), or Update Rollup (RU) of [...]
June 8, 2021 - Microsoft June 2021 Patch Tuesday: 50 vulnerabilities patched, six zero-days exploited in the wild Six out of seven zero-days are being actively used in cyberattacks. ... Microsoft June 2021 Patch Tuesday: 50 vulnerabilities patched, six zero-days ... Last month, Microsoft resolved 55 security flaws, four of which were deemed critical in ... flaws. .… [Read More] May 24, 2021 - [...]
Microsoft 365 | Exchange Server: Notes From the Field In this edition of notes from the field, we share how a large Healthcare Provider was caught by surprise when they discovered that Microsoft 365 and Outlook Web broke their ability to email vital documents from their Human Resources intranet portal. In this case, the portal [...]
Exchange Server: Notes From the Field This case involves attacks at a division of a large Telco with a strong IT team operating more than sixty on-premises servers and mandated 2FA security solution for divisions managing their own Exchange Servers. And then … several incidents lead one Division’s security team to discover that password guessing [...]
Microsoft 365 | Exchange Server: Notes From the Field In this edition of notes from the field, we share how a Global Manufacturing company's messaging team was struggling to make Microsoft 365 a success. A single comment summarized the many challenges their Firstline workers were facing: "We've run into use cases where we are bumping [...]
