Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Tag Archives: Exchange
German CERT-Bund warns about vulnerable Exchange Server with OWA reachable from Internet
[German]It seems, that many vulnerable Microsoft Exchange servers are been used to play Russian roulette. German CERT-Bund has alerted a warning. They found about 12,000 Exchange Servers 2013/2016/2019, whose OWA is accessible via the Internet and which have at least … Continue reading
Astra Group has developed a software stack with an Exchange Server replacement for Russia
[German]The russian Astra Group has developed a replacement for Microsoft's Exchange Server that fully implements its functionality. The product is scheduled to hit the Russian market at the end of the first quarter of 2022. The company intends to fully … Continue reading
ProxyShell, Squirrelwaffle and a new PoC Exploit, patch your Exchange Server!
[German]Currently, I warn about running unpatched Exchange vulnerabilities and ProxyShell attacks almost on a daily basis. A few days ago, Trend Micro issued a warning about attacks against ProxyShell vulnerabilities via the Squirrelwaffle exploit and the takeover of Exchange email … Continue reading
ProxyNoShell: Mandiant warns of new attack methods on Exchange servers (Nov. 2021)
[German]Cyber attackers have been using three known vulnerabilities in Microsoft's Exchange Servers for months, for which updates have been available for months. Despite this, there are around 30,000 Microsoft Exchange Servers accessible via the Internet that are vulnerable to attack … Continue reading
CERT-Federation, USA, GB warns about attacks on Exchange and Fortinet
[German]German CERT-Bund currently warns against outdated Microsoft Exchange servers. In Germany, thousands of Exchange Servers 2010 with open OWA are still in operation. Security organizations in the United States and the United Kingdom are also sounding the alarm because Iranian … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
CERT warning: Compromised Exchange servers are misused for email attacks (Nov. 2021)
[German]Security researcher, and the Federal Office for Information Security (BSI), and CERT-Bund have issued a warning. These organizations are currently (Nov. 2021) observing a significant increase in e-mail attacks. The two organizations assume that these e-mails are sent from compromised … Continue reading
Babuk gang uses ProxyShell vulnerability in Exchange for ransomware attacks
[German]Cisco Talos security researchers have discovered that the Babuk ransomware gang is using the ProxyShell vulnerability in Microsoft Exchange to install a web shell called "China Chopper". A Babuk ransomware partner named "Tortilla" probably joined the group in October and … Continue reading
Tianfu Cup 2021: Exchange 2019 and iPhone hacked
[German]I think the developers at Apple and Microsoft – as well as some other software companies – will have their work cut out for them. At the Chinese Tianfu Cup 2021, which is currently (Oct. 16./17. 2021) underway, there was … Continue reading
Security updates for Exchange Server (October 2021)
[German]Microsoft has released security updates for Exchange Server 2013, Exchange Server 2016 and Exchange Server 2019 as of October 12, 2021. These October updates are required to address vulnerabilities reported by external security partners and found through Microsoft's internal processes. … Continue reading
Posted in Security, Software, Update, Windows
Tagged Exchange, Patchday 10.2021, Security, Update
Leave a comment
Let's Encrypt certificate trouble with Windows, Sophos UTM, macOS/iOS (2021/09/30)
[German]As of September 30, 2021, some root certificates that Let's-Encrypt used to sign user certificates expired. This meant that certain devices or applications could no longer access websites or mail servers. I have seen cases with iOS 14/15 and macOS, … Continue reading