New GhostContainer Malware Hits High-Value MS Exchange Servers in Asia

Kaspersky's SecureList reveals GhostContainer, a new, highly customized backdoor targeting government and high-tech organizations in Asia via Exchange server vulnerabilities. Learn how this APT malware operates and how to stay protected...

New Wave of Cyberattacks Targeting MS Exchange Servers

By Waqas Cybercriminals are leveraging two exploit chains ProxyNotShell/OWASSRF to target Microsoft Exchange servers, as warned by Bitdefender Labs. This is a post from HackRead.com Read the original post: New Wave of Cyberattacks Targeting MS Exchange Servers...

Ransomware Hackers Using New Way to Bypass MS Exchange ProxyNotShell Mitigations

Threat actors affiliated with a ransomware strain known as Play are leveraging a never-before-seen exploit chain that bypasses blocking rules for ProxyNotShell flaws in Microsoft Exchange Server to achieve remote code execution RCE through Outlook Web Access OWA. "The new exploit method bypasses...

CVE-2022-41040 and CVE-2022-41082 – zero-days in MS Exchange

Summary At the end of September, GTSC reported an attack on critical infrastructure that took place in August. During the investigation, experts found that two 0-day vulnerabilities in Microsoft Exchange Server were used in the attack. The first one, later identified as CVE-2022-41040, is a...

New ToddyCat Hacker Group on Experts' Radar After Targeting MS Exchange Servers

An advanced persistent threat APT actor codenamed ToddyCat has been linked to a string of attacks aimed at government and military entities in Europe and Asia since at least December 2020. The relatively new adversarial collective is said to have commenced its operations by targeting Microsoft...

libspf2 buffer overflow vulnerability

libspf2 is a library that allows email systems such as Sendmail, Postfix, Exim, Zmailer, and MS Exchange to check SPF records and ensure that email is authorized from its domain. libspf2 suffers from a buffer overflow vulnerability, which stems from the fact that libspf2's SPF macro can trigger a...

Conti ransomware affiliates hit Exchange Servers with ProxyShell exploits

By Waqas Conti ransomware affiliates are exploiting 3 unpatched vulnerabilities that allow unauthenticated, remote code execution on MS Exchange Servers. This is a post from HackRead.com Read the original post: Conti ransomware affiliates hit Exchange Servers with ProxyShell exploits...

Chinese Hackers Implant PlugX Variant on Compromised MS Exchange Servers

A Chinese cyberespionage group known for targeting Southeast Asia leveraged flaws in the Microsoft Exchange Server that came to light earlier this March to deploy a previously undocumented variant of a remote access trojan RAT on compromised systems. Attributing the intrusions to a threat actor...

Prometei botnet uses NSA exploit, hits unpatched MS exchange servers

By Waqas Unpatched MS Exchange Servers are being hunted by Prometei botnet to expand its army of Monero cryptocurrency mining bots. This is a post from HackRead.com Read the original post: Prometei botnet uses NSA exploit, hits unpatched MS exchange servers...

Unpatched MS Exchange servers hit by cryptojacking malware

By Waqas Threat actors are looking for vulnerable, unpatched Microsoft Exchange servers and installing cryptocurrency mining malware on them. This is a post from HackRead.com Read the original post: Unpatched MS Exchange servers hit by cryptojacking malware...

FBI accessing computers across US to remove malicious web shells

By Deeba Ahmed FBI is Accessing Computers Across the Us to Prevent Hafnium from Exploiting MS Exchange Server Vulnerabilities - All without telling owners. This is a post from HackRead.com Read the original post: FBI accessing computers across US to remove malicious web shells...

[SECURITY] Fedora 34 Update: evolution-mapi-3.39.3-1.fc34

This package allows Evolution to interact with MS Exchange 2007 servers...

Fedora: Security Advisory for evolution-mapi (FEDORA-2021-303f6623fa)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

OPENSUSE-SU-2021:0093-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: - Mozilla Thunderbird 78.6.1 changed: MailExtensions: browserAction, composeAction, and messageDisplayAction toolbar buttons now support label and defaultlabel properties bmo1583478 fixed: Running a quicksearch that returned no result...

CVE-2019-12759

Symantec Endpoint Protection Manager SEPM and Symantec Mail Security for MS Exchange SMSMSE, prior to versions 14.2 RU2 and 7.5.x respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software applicati...

CVE-2019-12759

CVE-2019-12759 affects Symantec Endpoint Protection Manager (SEPM) and Symantec Mail Security for Exchange (SMSMSE) prior to SEPM 14.2 RU2 and SMSMSE 7.5.x, introducing a privilege-escalation flaw. Technical details point to the LuComServer stDisScriptEngine class as the root cause, enabling loca...

Qualys Cloud Platform (VM, PC) 8.19 New Features

This new release of the Qualys Cloud Platform VM, PC, version 8.19, contains several new features and improvements in Qualys Vulnerability Management and Policy Compliance, which include an improved display of deadlines for remediation policies in VM; additional support for MS Exchange Server...

Skype for business is also vulnerable to the autodiscovery issue

An issue in WPAD proxy automatic configuration was first discovered by Maxim Andreev back in 2015 at the MailRu group security meet-up and then was presented by Maxim Goncharov at BlackHat US 2016 slides. This year Ilya Nesterov and Maxim Goncharov presented a continuation of this research and...

Tasks & Notes for MS Exchange - Customized SSL, Exported ContentProvider, Redefined SSL Common Names verifier vulnerabilities

HackApp vulnerability scanner discovered that application Tasks & Notes for MS Exchange published at the 'play' market has multiple vulnerabilities...

Computer Associates InoculateIT 4.53 MS Exchange Agent Vulnerability

No description provided by source. source : http://www.securityfocus.com/bid/1935/info InoculateIT 4.52 is a popular antivirus agent for Microsoft Exchange Servers. A vulnerability exists in the InoculateIT Agent for MS Exchange that can allow a local attacker to pass a virus through both the age...