Important: The Aug 8 SU has been withdrawn and re-released by Microsoft due to installation issues in some environments. For more information and what to do if you installed Aug 8 SUv1 you can refer to the Microsoft blog article here: Re-release of August 2023 Exchange Server Security Update packages – Microsoft Community Hub. Otherwise, proceed to the Aug 15 SUv2 version available here: Released: August 2023 Exchange Server Security Updates – Microsoft Community Hub

How EPG and Spamhaus Protect a Billion Dollar Food Retailer

A major U.S. retail chain recently evaluated EPG with Spamhaus threat data feeds against other top Exchange Server security products, and the results shocked them. During the three-week evaluation period, EPG and Spamhaus outperformed other competitors and prevented over 45,000 malicious connection attempts, including many from domestic IP addresses.
“I was shocked to actually see the amount of probing against Exchange servers – Most businesses are unaware of both probing and malicious traffic, making them a target for cyber-criminal behavior.” Said Mark Rotman, President of Messageware. “We are excited by the combined solution. For the first time, it is now easy to see, gain control of, and be alerted to unwanted Exchange Server traffic.”

Microsoft 365 Reliability in Question

I recently read a number of online articles bringing 365 reliability into question. Apparently, since January, every month except July Microsoft has experienced service interruptions across Exchange Online, Outlook, Teams, and OneDrive. Users have reported difficulties accessing their Outlook mailboxes, and connection attempts to Microsoft 365 servers were unsuccessful. There have been over seven interruptions for Microsoft this year and the trend is continuing. Businesses and organizations that rely on Microsoft 365 for their productivity and collaboration requirements are seriously concerned about the service disruptions, which have affected almost every facet of Microsoft’s 365 services. Given the press, I’m sure Microsoft is working hard and feeling pressure to improve the reliability of its cloud services and to deliver back to migrated customers the prior stability they had with their on-premises servers.

New Messageware Software: Zero-Day & Web Shell Protection for Exchange Servers

Z-Day for Exchange Servers is a brand new Messageware solution focused on detection, alerting, and response (MDR/MDAR) to zero-day attacks and server penetrations. Messageware Z-Day actively protects servers using embedded monitoring technology that cannot be turned off by malicious software.

Z-Day’s goal is to detect changes to the environment that indicate the dropping of Command and Control (C&C) web shells. C&C web shells commonly reach out to the internet, enabling remote access to your network. Recently we’ve seen a number of these attacks, such as Exchange Server ProxyShell and several similar Windows IIS compromises that set up these penetration and jumping-off points.

Reach out to Messageware

If you are not protecting all the protocols used by your Exchange Server, you’re putting your company at a higher risk of a data breach. Security incidents happen frequently. They cause disruption, loss of data and risk the reputation of your company. Contact us for more information, pricing, or a demo / free trial:

Wishing you all the best,

Mark Rotman
President and CEO Messageware Incorporated

Critical Microsoft Patches
Once again attackers show us that security is an ongoing, unending process that must be managed regardless of whether you are in the Cloud or On-prem!
Released: August 2023 Exchange Server Security Updates
The August 2023 SUs address vulnerabilities responsibly reported to Microsoft by security partners and found through Microsoft’s internal processes.

Updates available here:  

Download: Security Update For Exchange Server 2019 CU13 SU2V2 (KB5030524)
Download: Security Update For Exchange Server 2019 CU12 SU9V2 (KB5030524)
Download: Security Update For Exchange Server 2016 CU23 SU9V2 (KB5030524)