The global ransomware scourge is poised to worsen over the next two years, fueled by artificial intelligence that makes cyber attacks more effective, according to a new report from Britain's cybersecurity chiefs. The National Cyber Security Centre, part of the UK's top signals intelligence agency GCHQ, warns that AI will enable even novice hackers to [...]
Zero-day attacks represent one of the most significant threats to Microsoft Exchange Servers. This post aims to provide Exchange administrators and security professionals with strategies to prepare for and defend against these unpredictable threats. Microsoft Exchange Server, being a critical component in enterprise communication infrastructure, is a primary target for hackers. Through-out 2023 and into [...]
Video summary: This video discusses high volume logon attacks (HVA) against Microsoft Exchange servers and Messageware Exchange Protocol Guard’s role in countering these attacks. https://www.youtube.com/watch?v=9blVda_IJIM Cybersecurity threats are becoming more sophisticated and relentless, especially for critical infrastructure like email servers. One such threat to be aware of is the high-volume logon attack (HVA), which targets [...]
TORONTO - Dec. 11, 2023 - Messageware Incorporated, a leader in cybersecurity solutions, today announced the launch of Z-Day Guard for Microsoft Exchange Server (Z-Day), a cutting-edge security product designed specifically for Microsoft Exchange Servers. Z-Day represents a significant advancement in protecting against zero-day attacks and unauthorized server access. Z-Day employs innovative File and Virtual Directory Integrity Monitoring to [...]
According to recent scans by The ShadowServer Foundation and security researcher Yutaka Sejiyama, over 20,000 Microsoft Exchange servers are running outdated and unsupported software. These servers are vulnerable to multiple critical remote code execution vulnerabilities. Thousands of Exchange Server 2007, 2010, and 2013 Instances Discovered The scans uncovered over 20,000 end-of-life Microsoft Exchange servers reachable [...]
Gaps in Multi-Factor Authentication (MFA) In this article, we will explore some of the drawbacks of MFA/2FA as a user security tool. Multi-Factor Authentication (MFA), also known as 2-Factor Authentication (2FA), has become an essential tool for protecting user accounts. It has become so ubiquitous, Microsoft has recently started enforcing it on all tenants by [...]
Last year, Microsoft announced a new servicing model for Exchange Server, with two Cumulative Updates (CUs) per year. However, Microsoft won't be releasing a second CU for 2023. There are two more CUs on the horizon for Exchange Server 2019: CU14 (H1 2024) and CU15 (H2 2024). The release date for CU14 has shifted to [...]
What are Windows cached credentials? The purpose of Windows cached credentials is to enable users to log into their accounts and access network resources even when the authentication server is unavailable, such as during offline use, while also improving login performance by reducing the need for frequent server authentications. Cached credentials are stored locally on [...]
Microsoft has released Security Updates (SUs) for vulnerabilities found in: Exchange Server 2019 Exchange Server 2016 SUs are available for the following specific versions of Exchange Server: Exchange Server 2019 CU12 and CU13 Exchange Server 2016 CU23 The November 2023 SUs address vulnerabilities responsibly reported to Microsoft by security partners and found through Microsoft’s internal processes. These vulnerabilities affect [...]
Microsoft has released Security Updates (SUs) for vulnerabilities found in: Exchange Server 2019 Exchange Server 2016 SUs are available for the following specific versions of Exchange Server: Exchange Server 2019 CU12 and CU13 Exchange Server 2016 CU23 The October 2023 SUs address vulnerabilities responsibly reported to Microsoft by security partners and found through Microsoft’s internal processes. Although we are [...]
Article Summary: This article examines the common Exchange Server attacks that result in Active Directory lockouts and effective techniques to prevent Active Directory user accounts lockouts. By deploying intelligent threat detection, enforcing strong password policies, enabling multi-factor authentication, and monitoring signs of compromise, companies can thwart attackers’ efforts to access mailboxes and maintain business continuity. [...]
Who’s probing your Exchange Server? Today’s systems reveal more information to the internet than intended. If you have an internet facing Exchange Server, it is being probed to discover its specifications, vulnerabilities, and weaknesses. RELATED: Watch a video on High Volume Attacks attacks on Exchange Server Hackers Hackers probe Exchange Servers to identify weaknesses or [...]
Microsoft has re-released Security Updates (SUs) for vulnerabilities found in: Exchange Server 2019 Exchange Server 2016 SUs are available for the following specific versions of Exchange Server: Exchange Server 2019 CU12 and CU13 Exchange Server 2016 CU23 More information from Microsoft about the re-release is available here. The following table describes the actions you need to take based on [...]
In this article, we'll answer frequently asked questions about how to manage your Active Directory Lockout policy. There is no one-size-fits-all approach to customizing these settings as organizations have different risk levels. For helpful information about what causes frequent Active Directory account lockouts, check out our blog "6 Common Causes of Active Directory Account Lockouts and [...]
Microsoft and the Ukraine CERT have identified targeted attacks against the defense industry and Microsoft Exchange servers by a Russian state-sponsored hacking group known as Turla. The attacks leverage a new malware backdoor called 'DeliveryCheck,' a .NET backdoor which can execute second-stage payloads. What makes DeliveryCheck stand out is its Microsoft Exchange Server-side component. The [...]
This article will explain the most common causes of Active Directory Lockouts, and how to mitigate them. For information on managing your Active Directory account policies and changing settings, refer to our blog: How to Change Active Directory (AD) Lockout Policy. RELATED: Secure Exchange Server from Attacks, Probing, Password Guessing and Active Directory Lockouts. Learn [...]
Microsoft released Cumulative Update 13 for Microsoft Exchange Server 2019 on May 3rd, 2023. This cumulative update is a security update. It includes fixes for nonsecurity issues and all previously released fixes for security and nonsecurity issues , including updates in the March 2023 SU. Highlights: Microsoft has announced that they are bringing Modern Authentication to pure on-premises Exchange Server environments [...]
Summary: In this article we discuss how to secure OWA, protect Outlook Web from DoS and brute force attacks, discuss what these attacks are, and how they can be prevented. We also look into automated brute force attacks and why setting an account lockout threshold can leave your Exchange Server vulnerable to DoS attacks. Last [...]
Last week we demonstrated a variety of ways in which an OWA session can be compromised and how to mitigate against it, even though the user may have been doing their best to follow company security policies. This week's series of tests will highlight the exposures that exist, and how to provide OWA attachment security. Simply [...]
