New Wave of Cyberattacks Targeting MS Exchange Servers
Cybercriminals are leveraging two exploit chains (ProxyNotShell/OWASSRF) to target Microsoft Exchange servers, as warned by Bitdefender Labs.
January 25, 2023
Microsoft Innovations for 2023: What to Look Out for This Year
This article will highlight some of the most significant Microsoft innovations that could make an impact in 2023 and beyond.
January 20, 2023
Microsoft-Signed Drivers Helped Hackers Breach System Defenses
Researchers at Sophos X-Ops Rapid Response (RR), Mandiant, and SentinelOne have confirmed Microsoft's blunder.
December 14, 2022
Retired Software Exploited To Target Power Grids, Microsoft
Boa was discontinued in 2005 but remained popular and is now becoming a crisis because of the complex nature of how it was built into the IoT device supply chain.
November 23, 2022
Microsoft Issues Patches to Fix 6 Active 0-Day Windows Vulnerabilities
Microsoft has urged Windows Administrators to install the updates urgently so make sure you have the latest patches installed!
November 9, 2022
Microsoft Exposed 2.4 TB of Business Customer Data in BlueBleed Breach
According to researchers, the data included 335,000 emails, 548,000 users, and 133,000 projects.
October 20, 2022
Researchers: Office 365 Encryption Flaw Compromise Message Confidentiality
According to researchers, the security flaw can be exploited for inferring message contents due to the flawed Office 365 Message Encryption (OME) security method.
October 17, 2022
Zoom Phishing Scam Steals Microsoft Exchange Credentials
The phishing email, which was marked as safe by Microsoft, was aimed at 21,000 users of a national healthcare firm.
October 10, 2022
Microsoft Confirms Two 0-Days Being Exploited Against Exchange Servers
The latest attack against Exchange servers utilizes at least two new flaws (CVE-2022-41040, CVE-2022-41082) that have been assigned CVSS scores of 6.3 and 8.8.
September 30, 2022
New Spam Attack Abusing OAuth Apps to Target Microsoft Exchange Servers
According to Microsoft 365 Defender Research Team, in an incident they analyzed, malicious OAuth applications were deployed on compromised cloud tenants, and eventually, attackers took over Exchange servers to carry out spam campaigns.
September 23, 2022