Latest Exchange news

"Researchers" exploit Kraken exchange bug, steal $3 million in crypto

The Kraken crypto exchange disclosed today that alleged security researchers exploited a zero-day website bug to steal $3 million in cryptocurrency and then refused to return the funds.
- Lawrence Abrams
- June 19, 2024
- 10:51 AM
- 0
Microsoft still unsure how hackers stole MSA key in 2023 Exchange attack

The U.S. Department of Homeland Security's Cyber Safety Review Board (CSRB) has released a scathing report on how Microsoft handled its 2023 Exchange Online attack, warning that the company needs to do better at securing data and be more truthful about how threat actors stole an Azure signing key.
- Ionut Ilascu
- April 03, 2024
- 08:21 PM
- 0
Germany warns of 17K vulnerable Microsoft Exchange servers exposed online

The German national cybersecurity authority warned on Tuesday that it found at least 17,000 Microsoft Exchange servers in Germany exposed online and vulnerable to one or more critical security vulnerabilities.
- Sergiu Gatlan
- March 26, 2024
- 03:21 PM
- 4
Over 28,500 Exchange servers vulnerable to actively exploited bug

Up to 97,000 Microsoft Exchange servers may be vulnerable to a critical severity privilege escalation flaw tracked as CVE-2024-21410 that hackers are actively exploiting.
- Bill Toulas
- February 19, 2024
- 01:46 PM
- 0
Microsoft: New critical Exchange bug exploited as zero-day

Microsoft warned today in an updated security advisory that a critical vulnerability in Exchange Server was exploited as a zero-day before being fixed during this month's Patch Tuesday.
- Sergiu Gatlan
- February 14, 2024
- 06:29 PM
- 1
Microsoft Exchange update enables Extended Protection by default

Microsoft is automatically enabling Windows Extended Protection on Exchange servers after installing this month's 2024 H1 Cumulative Update (aka CU14).
- Sergiu Gatlan
- February 14, 2024
- 12:34 PM
- 0
Microsoft Exchange 2019 has reached end of mainstream support

Microsoft announced the end of mainstream support for its Exchange Server 2019 on-premises mail server software on January 9, 2023.
- Sergiu Gatlan
- January 10, 2024
- 11:43 AM
- 0
Over 20,000 vulnerable Microsoft Exchange servers exposed to attacks

Tens of thousands of Microsoft Exchange email servers in Europe, the U.S., and Asia exposed on the public internet are vulnerable to remote code execution flaws.
- Ionut Ilascu
- December 02, 2023
- 01:54 PM
- 0
New Microsoft Exchange zero-days allow RCE, data theft attacks

Microsoft Exchange is impacted by four zero-day vulnerabilities that attackers can exploit remotely to execute arbitrary code or disclose sensitive information on affected installations.
- Bill Toulas
- November 03, 2023
- 11:14 AM
- 3
Microsoft breach led to theft of 60,000 US State Dept emails

Chinese hackers stole tens of thousands of emails from U.S. State Department accounts after breaching Microsoft's cloud-based Exchange email platform in May.
- Sergiu Gatlan
- September 28, 2023
- 04:45 PM
- 8
Hackers stole Microsoft signing key from Windows crash dump

Microsoft says Storm-0558 Chinese hackers stole a signing key used to breach government email accounts from a Windows crash dump after compromising a Microsoft engineer's corporate account.
- Sergiu Gatlan
- September 06, 2023
- 02:12 PM
- 2
Microsoft will enable Exchange Extended Protection by default this fall

Microsoft announced today that Windows Extended Protection will be enabled by default on servers running Exchange Server 2019 starting this fall after installing the 2023 H2 Cumulative Update (CU14).
- Sergiu Gatlan
- August 28, 2023
- 03:20 PM
- 0
US cyber safety board to analyze Microsoft Exchange hack of govt emails

The Department of Homeland Security's Cyber Safety Review Board (CSRB) has announced plans to conduct an in-depth review of cloud security practices following recent Chinese hacks of Microsoft Exchange accounts used by US government agencies.
- Bill Toulas
- August 11, 2023
- 01:35 PM
- 0
Exchange Online to block emails from vulnerable on-prem servers

Microsoft is introducing a new Exchange Online security feature that will automatically start throttling and eventually block all emails sent from "persistently vulnerable Exchange servers" 90 days after the admins are pinged to secure them.
- Sergiu Gatlan
- March 27, 2023
- 05:43 PM
- 2
Microsoft urges admins to patch on-premises Exchange servers

Microsoft urged customers today to keep their on-premises Exchange servers patched by applying the latest supported Cumulative Update (CU) to have them always ready to deploy an emergency security update.
- Sergiu Gatlan
- January 26, 2023
- 06:02 PM
- 2
Over 60,000 Exchange servers vulnerable to ProxyNotShell attacks

More than 60,000 Microsoft Exchange servers exposed online are yet to be patched against the CVE-2022-41082 remote code execution (RCE) vulnerability, one of the two security flaws targeted by ProxyNotShell exploits.
- Sergiu Gatlan
- January 03, 2023
- 03:51 PM
- 1
Rackspace warns of phishing risks following ransomware attack

Cloud computing provider Rackspace warned customers on Thursday of increased risks of phishing attacks following a ransomware attack affecting its hosted Microsoft Exchange environment.
- Sergiu Gatlan
- December 09, 2022
- 02:51 PM
- 0
Rackspace confirms outage was caused by ransomware attack

Texas-based cloud computing provider Rackspace has confirmed today that a ransomware attack is behind an ongoing Hosted Exchange outage described as an "isolated disruption."
- Sergiu Gatlan
- December 06, 2022
- 10:31 AM
- 1
Rackspace: Ongoing Exchange outage caused by security incident

American cloud computing services provider Rackspace says an ongoing outage affecting its hosted Microsoft Exchange environments and likely thousands of customers was caused by a security incident.
- Sergiu Gatlan
- December 02, 2022
- 04:15 PM
- 2
Microsoft shares fix for Exchange Online mailbox issues in Outlook

Microsoft is working on a fix for a known issue that might prevent customers from configuring Exchange Online mailboxes in Outlook for Windows.
- Sergiu Gatlan
- October 18, 2022
- 03:31 PM
- 0