Microsoft urges admins to patch on-premises Exchange servers
Microsoft urged customers today to keep their on-premises Exchange servers patched by applying the latest supported Cumulative Update (CU) to have…
CISA orders agencies to patch Exchange bug abused by ransomware gang
The Cybersecurity and Infrastructure Security Agency (CISA) has added two more security vulnerabilities to its catalog of exploited bugs today. [...]
Rackspace Ransomware Incident Highlights Risks of Relying on Mitigation Alone
Organizations often defer patching because of business disruption fears — but that didn't work out very well for Rackspace's Hosted…
Rackspace: Ransomware Attack Bypassed ProxyNotShell Mitigations
The hosting provider had not applied Microsoft's new patch due to publicly reported issues with the update.
Over 60,000 Exchange servers vulnerable to ProxyNotShell attacks
More than 60,000 Microsoft Exchange servers exposed online are yet to be patched against the CVE-2022-41082 remote code execution (RCE)…
The Week in Ransomware – December 23rd 2022 – Targeting Microsoft Exchange
Reports this week illustrate how threat actors consider Microsoft Exchange as a prime target for gaining initial access to corporate…
Ransomware Attackers Bypass Microsoft’s ProxyNotShell Mitigations With Fresh Exploit
The Play ransomware group was spotted exploiting another little-known SSRF bug to trigger RCE on affected Exchange servers.
Patch Tuesday, November 2022 Election Edition
Let's face it: Having “2022 election” in the headline above is probably the only reason anyone might read this story…
Microsoft fixes ProxyNotShell Exchange zero-days exploited in attacks
Microsoft has released security updates to address two high-severity Microsoft Exchange zero-day vulnerabilities collectively known as ProxyNotShell and exploited in…
Microsoft November 2022 Patch Tuesday fixes 6 exploited zero-days, 68 flaws
Today is Microsoft's November 2022 Patch Tuesday, and with it comes fixes for six actively exploited Windows vulnerabilities and a…