Exchange
CISA and NSA share tips on securing Microsoft Exchange servers
The Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) have released guidance to help IT administrators harden Microsoft Exchange servers on their networks against attacks. Recommended best practices include hardening user authentication and access, minimizing application attack surfaces, and ensuring strong network encryption. The agencies also advise network defenders to decommission […]
Microsoft: Exchange 2016 and 2019 reach end of support in 30 days
Microsoft has reminded administrators again that Exchange 2016 and Exchange 2019 will reach the end of extended support next month and has provided guidance for decommissioning outdated servers. According to the company’s product lifecycle website, Exchange 2016 reached mainstream end date in October 2020, while Exchange 2019’s mainstream support ended on January 9, 2024. Microsoft also reminded customers in January that […]
Microsoft warns of high-severity flaw in hybrid Exchange deployments
Microsoft has warned customers to mitigate a high-severity vulnerability in Exchange Server hybrid deployments that could allow attackers to escalate their privileges in Exchange Online cloud environments without leaving any traces. Exchange hybrid configurations connect on-premises Exchange servers to Exchange Online (part of Microsoft 365), allowing for seamless integration of email and calendar features between […]
Hacker steals $27 million in BigONE exchange crypto breach
Cryptocurrency exchange BigONE disclosed that hackers stole various digital assets valued at $27 million in an attack yesterday. The platform announced that private keys and user data remain unaffected by the intrusion and any customers that incurred losses will be reimbursed from available reserves. “In the early hours of July 16, BigONE detected abnormal movements involving […]
Microsoft: Exchange Server Subscription Edition now available
Microsoft has announced that the Exchange Server Subscription Edition (SE) is now available to all customers of its enterprise email service. As the company explained, the Exchange Server SE RTM build released this week can be installed as a cumulative update (CU) on servers running Exchange Server 2019 CU15 or CU14, and it can also […]
Hacker steals $223 million in Cetus Protocol cryptocurrency heist
The decentralized exchange Cetus Protocol announced that hackers have stolen $223 million in cryptocurrency and is offering a deal to stop all legal action if the funds are returned. The project also announced a $5 million bounty to anyone providing relevant information leading to the identification and arrest of the attacker. Cetus Protocol is a […]
Germany takes down eXch cryptocurrency exchange, seizes servers
The Federal police in Germany (BKA) seized the server infrastructure and shut down the ‘eXch’ cryptocurrency exchange platform for alleged money laundering cybercrime proceeds. During the law enforcement operation, the authorities also seized eight terabytes of data and cryptocurrency (Bitcoin, Ether, Litecoin, and Dash) worth approximately $38,000,000, making this the third largest seizure of digital assets […]
US indicts Black Kingdom ransomware admin for Microsoft Exchange attacks
A 36-year-old Yemeni national, who is believed to be the developer and primary operator of ‘Black Kingdom’ ransomware, has been indicted by the United States for conducting 1,500 attacks on Microsoft Exchange servers. The suspect, Rami Khaled Ahmed, is accused of deploying the Black Kingdom malware on roughly 1,500 computers in the United States and abroad, […]
Microsoft: Exchange 2016 and 2019 reach end of support in six months
Microsoft warned that Exchange 2016 and Exchange 2019 will reach the end of support six months from now, on October 14. The Exchange Server Engineering Team also shared guidance for admins who need to decommission outdated servers until then, cautioning that Exchange 2016 and Exchange 2019 servers will be exposed to attacks since they’ll no […]
Microsoft links recent Microsoft 365 outage to buggy update
Microsoft says a coding issue is behind a now-resolved Microsoft 365 outage over the weekend that affected Outlook and Exchange Online authentication. According to an incident report published in the Microsoft 365 admin center on Saturday at 09:29 PM UTC, the incident also triggered Teams and Power Platform degraded functionality and caused Purview access issues and errors. […]