Exchange Server Archives - ThreatsHub Cybersecurity News

Analyzing attacks using the Exchange vulnerabilities CVE-2022-41040 and CVE-2022-41082

October 1, 2022 TH Author Cybersecurity, Exchange Server, Microsoft, Microsoft security intelligence, Security, Vulnerabilities

MSTIC observed activity related to a single activity group in August 2022 that achieved initial access and compromised Exchange servers by chaining CVE-2022-41040 and CVE-2022-41082 in a small number of targeted attacks.
The post Analyzing attacks using the Exchange vulnerabilities CVE-2022-41040 and CVE-2022-41082 appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

Malicious OAuth applications used to compromise email servers and spread spam

September 22, 2022 TH Author Cybersecurity, Exchange Server, malicious OAuth applications, Microsoft security intelligence, spam

Microsoft discovered an attack where attackers installed a malicious OAuth application in compromised tenants and used their Exchange servers to launch spam runs.
The post Malicious OAuth applications used to compromise email servers and spread spam appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

Analyzing attacks taking advantage of the Exchange Server vulnerabilities

March 25, 2021 TH Author coin miner, Cybersecurity, DoejoCrypt, Exchange Server, exploits, Lemon Duck, Microsoft security intelligence, post-exploitation, Pydomer, ransomware, Vulnerabilities

Microsoft continues to monitor and investigate attacks exploiting the recent on-premises Exchange Server vulnerabilities. As organizations recover from this incident, we continue to publish guidance and share threat intelligence to help detect and evict threat actors from affected environments.
The post Analyzing attacks taking advantage of the Exchange Server vulnerabilities appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

Automatic on-premises Exchange Server mitigation now in Microsoft Defender Antivirus

March 18, 2021 TH Author CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065, Cybersecurity, Exchange Server, exploits, Microsoft security intelligence, Vulnerabilities

Microsoft Defender Antivirus and System Center Endpoint Protection will automatically mitigate CVE-2021-26855 on any vulnerable Exchange Server on which it is deployed. We have taken this additional step to further support our customers who are still vulnerable and have not yet implemented the complete security update.
The post Automatic on-premises Exchange Server mitigation now in Microsoft Defender Antivirus appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

HAFNIUM targeting Exchange Servers with 0-day exploits

March 2, 2021 TH Author Cybersecurity, Exchange Server, HAFNIUM, Microsoft security intelligence, Microsoft Threat Intelligence Center (MSTIC), MSRC, Security Intelligence, threat intelligence, Threat protection

Microsoft has detected multiple 0-day exploits being used to attack on-premises versions of Microsoft Exchange Server in limited and targeted attacks. In the attacks observed, threat actors used this vulnerability to access on-premises Exchange servers, which enabled access to email accounts, and install additional malware to facilitate long-term access to victim environments. Microsoft Threat Intelligence Center (MSTIC) attributes this campaign with high confidence to HAFNIUM.
The post HAFNIUM targeting Exchange Servers with 0-day exploits appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

Defending Exchange servers under attack

June 24, 2020 TH Author behavioral blocking and containment, Cybersecurity, Exchange Server, fileless, living-off-the-land, Microsoft security intelligence, Threat protection, web shell

Exchange servers are high-value targets. These attacks also tend to be advanced threats with highly evasive, fileless techniques. Keeping these servers safe from these advanced attacks is of utmost importance.
The post Defending Exchange servers under attack appeared first on Microsoft Security. READ MORE HERE…