This week was November’s patch Tuesday, where Microsoft issued a security update that resolved 68 different vulnerabilities, 6 of which were actively exploited zero-day flaws. A total of 11 vulnerabilities that have been patched this week have been given a critical severity rating, due to a possible exploit leading to elevation of privileges, spoofing, or […]
Microsoft Patch Six Zero-Day Vulnerabilities Read More »
Two high severity zero-day vulnerabilities for the Microsoft Exchange Server have been found to be exploited in the wild. An elevation of privilege vulnerability, and a remote code execution vulnerability have been used by attackers to gain access into victim’s systems. The Cybersecurity and Infrastructure Security Agency (CISA) recently added these two flaws to their
Microsoft Exchange Server Vulnerabilities Exploited Read More »
Microsoft’s August patch Tuesday security update included fixes for 138 vulnerabilities, 17 of which were classified as ‘Critical’ flaws. The security patches issued cover 40 different Microsoft and Windows products and features, including critical Windows system operations, and popular applications such as Microsoft Edge, Microsoft Office, and the Microsoft Exchange Server. Two zero-day vulnerabilities were
Microsoft Patches Critical Zero-Day Vulnerabilities Read More »
Microsoft have warned customers of a form of attack capable of targeting unpatched Microsoft Exchange servers. The attacks taking place in the first 5 months of this year saw threat actors using Internet Information Services (IIS) extension modules to: access their victim’s email mailboxes, execute commands remotely, harvest credentials from within the system memory, steal
Microsoft Exchange Servers Open to Backdoor Hack Read More »
A new report from HP’s Threat Research Blog provides details of an evasive Javascript loader that gets passed security tools 89% of the time. Remote Access Trojans (RATs) are a class of malware that is designed to gain persistent access to the target computer system, and by leveraging elevation of privilege vulnerabilities gain administrator rights
How to defend against the RATdispenser Read More »
A flaw in the design of the Autodiscover protocol used to set-up email clients with Exchange Server can cause domain credentials to be sent in the clear to a server controlled by an attacker. The Microsoft Autodiscover protocol makes it easier for end users to configure their email client to connect to an Exchange Server
Microsoft Autodiscover protocol leaks domain credentials Read More »
The September update for Microsoft Exchange includes a new security feature for on-premises servers – they can now automatically mitigate new vulnerabilities just like the cloud versions used by Office 365. The last 12 months have not been fun for Exchange administrators with a series of high-profile vulnerabilities affecting on-premise Exchange servers resulting in the
Exchange can now automatically mitigate new vulnerabilities Read More »
Business Email Compromise, and its evil brother CEO Fraud, are both email based fraud attacks that seek to trick the victim into paying a fake invoice or transferring or diverting funds through some other kind of deception. Read on to learn how to protect your business from BEC Fraud. What is BEC fraud? Business Email
The rise and rise of BEC fraud Read More »
Details have emerged of (another) Exchange Server vulnerability, called ProxyToken, which allows an attacker to reconfigure an Exchange server remotely without needing to know any passwords. Reported by the Zero Day Initiative the vulnerability affects Exchange server versions 2013 through 2019: With this vulnerability, an unauthenticated attacker can perform configuration actions on mailboxes belonging to
Yet another Exchange Server vulnerability Read More »
ProxyShell can be exploited to achieve a Remote Code Execution without needing to know any usernames or passwords for the targeted Exchange Server – security vulnerabilities do not come any worse than this. ProxyShell is easier to exploit than the ProxyLogon attacks that hit the headlines earlier this year, prompting CISA to issue their first ever
ProxyShell vulnerability hits Exchange Servers Read More »
SecureTeam Ltd,
Kemp House, 152 City Road,
London,
EC1V 2NX
10257784
GB 249480968
SecureTeam Ltd, Kemp House, 152 City Road,
London, EC1V 2NX
Mon – Fri: 09:00 – 17:00
Company Number: 10257784
VAT Registration No: GB 249480968
© SecureTeam 2023. All rights reserved.