Exchange

Microsoft August 2023 Security Updates Fixes 74 Vulnerabilities (6 Critical severity)

The Microsoft August 2023 Security Updates includes patches and advisories for 74 vulnerabilities, including 6 Critical severity issues.

Microsoft August 2023 Security Updates Fixes 74 Vulnerabilities (6 Critical severity) Read More »

CISA adds 2 Microsoft vulnerabilities to Known Exploited Vulnerabilities Catalog (to include 1 Windows zero-day)

The Cybersecurity and Infrastructure Security Agency (CISA) has added one Microsoft Exchange and one Windows zero-day vulnerability to its Known Exploited Vulnerabilities Catalog.

CISA adds 2 Microsoft vulnerabilities to Known Exploited Vulnerabilities Catalog (to include 1 Windows zero-day) Read More »

Microsoft November 2022 Security Updates addresses 65 vulnerabilities (6 zero-days to include ProxyNotShell)

The Microsoft November 2022 Security Updates includes patches and advisories for 65 vulnerabilities, including 6 zero-days and 10 Critical severity issues.

Microsoft November 2022 Security Updates addresses 65 vulnerabilities (6 zero-days to include ProxyNotShell) Read More »

Top CVEs targeted by PRC state-sponsored cyber actors

The FBI, NSA and CISA coauthored a joint Cybersecurity Advisory detailing how People’s Republic of China (PRC) state-sponsored cyber actors continue to exploit common, publicly known vulnerabilities used since 2020 to “actively target U.S. and allied networks.”

Top CVEs targeted by PRC state-sponsored cyber actors Read More »

Microsoft disables Basic authentication in Exchange Online to fight password spray attacks

Microsoft has disabled Basic authentication in Exchange Online tenants to help fight against password spray attacks. Attackers are stepping up attacks in anticipation, Microsoft warns.

Microsoft disables Basic authentication in Exchange Online to fight password spray attacks Read More »

CISA adds 3 vulnerabilities to Known Exploited Vulnerabilities Catalog

The Cybersecurity and Infrastructure Security Agency (CISA) has added 3 vulnerabilities to its Known Exploited Vulnerabilities Catalog, to include Microsoft Exchange and Atlassian flaws.

CISA adds 3 vulnerabilities to Known Exploited Vulnerabilities Catalog Read More »

Microsoft update for Microsoft Exchange Server zero-day ProxyNotShell vulnerabilities

Microsoft has released a new security update for two Microsoft Exchange Server zero-day vulnerabilities (CVE-2022-41040 and CVE-2022-41082) dubbed “ProxyNotShell” under limited targeted attacks in the wild.

Microsoft update for Microsoft Exchange Server zero-day ProxyNotShell vulnerabilities Read More »

Microsoft March 2022 Security Updates (fixes for 71 vulnerabilities, 3 Critical)

The Microsoft March 2022 Security Updates includes patches and advisories for 71 vulnerabilities, 29 of those remote code execution flaws and three rated Critical.

Microsoft March 2022 Security Updates (fixes for 71 vulnerabilities, 3 Critical) Read More »

BlackByte Ransomware compromised multiple entities in US critical infrastructure sectors

The Federal Bureau of Investigation (FBI) and the U.S. Secret Service (USSS) issued a joint Cybersecurity Advisory warning of BlackByte ransomware compromising multiple entities in US critical infrastructure sectors.

BlackByte Ransomware compromised multiple entities in US critical infrastructure sectors Read More »