Displaying items by tag: Microsoft Exchange

Security researchers at Cisco's Talos unit have discovered a campaign they have named ArcaneDoor, which they say is "the latest example of state-sponsored actors targeting perimeter network devices from multiple vendors".

Microsoft has detailed 105 vulnerabilities in its products on October's Patch Tuesday, including three zero-days and 12 critical flaws that could be exploited for remote code execution.

Reports are emerging that a new zero-day exists in Microsoft Exchange and that it is being exploited in the wild, a well-known security researcher has warned.

Security firm Mandiant has released details about a threat actor it has named UNC3524, which infiltrates and resides for long periods in Windows environments where it can collect emails in bulk. The active backdoor is named QUIETEXIT and it is based on the Dropbear SSH client-server software which is generally used in environments with low memory and processor resources.

GUEST OPINION: The world learned about the Hafnium attacks on Microsoft Exchange servers last year, and it was bad. Since then, more vulnerabilities have been discovered, as well as additional ways that cybercriminals exploit them.

Austrian open source software development company grommunio has announced that its groupware, of the same name, can be used to replace Microsoft Exchange.

Three technology industry bodies have urged the Federal Government to significantly revise the Security Legislation Amendment (Critical Infrastructure) Bill 2020 before it is voted on, as it would otherwise "create an unworkable set of obligations and set a troubling global precedent".

Researchers have published details of what they claim is a Chinese-speaking nation-state actor which has been targeting a number of south-east Asian countries for more than a year, using vulnerabilities in Microsoft Exchange as an entry point. The campaign has been given the name GhostEmperor.

A joint parliamentary committee has proposed that an amendment to the laws governing critical infrastructure be split up into two, in order to pass what it says are "urgent reforms".

A researcher at a security firm that disclosed an issue with a protocol in the Microsoft Exchange mail server software has defended not having made contact with the company before releasing his findings, saying the issue had been known for seven years.

A protocol used by Microsoft Exchange, the popular email server software used by both individuals and businesses, has been found to be leaking credentials of users, who attempt to authenticate from clients like Microsoft Outlook, due to a defect in its design.

Microsoft has enabled what must surely be one of the most-requested features for Office 365 - the ability to send email from a proxy address, or an alias.

Company News: Radware has reported a series of new zero-day exploits in Microsoft Exchange Servers discovered late last year has evolved into a global hacking spree now impacting hundreds of thousands of organisations worldwide.

The number of APT groups "exploiting the latest Exchange vulnerabilities grows, with thousands of email servers under siege" according to security company ESET.

REVIEW PROMOTION: Storing all your email online is great, but offline email is still critical. Besides the obvious advantage of working without an Internet connection, it’s faster to search and to open attachments. Yet, what if your offline email store is corrupted or damaged?

REVIEW PROMOTION: Storing all your email online is great, but offline email is still critical. Besides the obvious advantage of working without an Internet connection, it’s faster to search and to open attachments. Yet, what if your offline email store is corrupted or damaged?

REVIEW PROMOTION: Storing all your email online is great, but offline email is still critical. Besides the obvious advantage of working without an Internet connection, it’s faster to search and to open attachments. Yet, what if your offline email store is corrupted or damaged?

Russian security vendor Kaspersky is testing out a system to use machine learning to detect phishing emails in real time, the company says in a statement, adding that in 2019 its existing anti-phishing system had picked up 467 million attempts to connect to phishing websites.

Researchers at Slovakian security outfit ESET say they have found a sophisticated backdoor used by the well-known group Turla, which has also been called Snake.

The city of Moscow plans to replace Microsoft software on thousands of computers with domestic programs, according to a report on the Vedomosti website.