Microsoft Exchange Autodiscover flaw reveals users’ passwords

Credit to Author: Pieter Arntz| Date: Thu, 23 Sep 2021 17:11:28 +0000

Researchers were able to harvest hundreds of thousands of credentials thanks to a quirk of the Autodiscover process.

Categories: Exploits and vulnerabilities

Tags:

(Read more…)

The post Microsoft Exchange Autodiscover flaw reveals users’ passwords appeared first on Malwarebytes Labs.

Read more

ProxyToken: Another nail-biter from Microsoft Exchange

Credit to Author: Pieter Arntz| Date: Tue, 31 Aug 2021 13:29:05 +0000

The latest episode of 2021’s longest-running saga doesn’t disappoint.

Categories: Exploits and vulnerabilities

Tags:

(Read more…)

The post ProxyToken: Another nail-biter from Microsoft Exchange appeared first on Malwarebytes Labs.

Read more

A week in security (August 23 – August 29)

Credit to Author: Malwarebytes Labs| Date: Mon, 30 Aug 2021 15:21:44 +0000

A round-up of the most interesting blog posts and security news happenings for the week of August 23 to August 29.

Categories: A week in security

Tags:

(Read more…)

The post A week in security (August 23 – August 29) appeared first on Malwarebytes Labs.

Read more

ProxyShell vulnerabilities in Microsoft Exchange: What to do

Credit to Author: Greg Iddon| Date: Mon, 23 Aug 2021 18:00:22 +0000

Last updated 2021-08-23 UTC 18:10 Overview Threat actors are actively scanning and exploiting vulnerable Microsoft Exchange servers that have not applied security patches released earlier this year. ProxyShell, the name given to a collection of vulnerabilities for Microsoft Exchange servers, enables an actor to bypass authentication and execute code as a privileged user. ProxyShell comprises [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/3OJ3pFWvR1M” height=”1″ width=”1″ alt=””/>

Read more

US, EU, UK, NATO blame china for “reckless” Exchange attacks

Credit to Author: Pieter Arntz| Date: Tue, 20 Jul 2021 14:11:48 +0000

The US, UK, EU, and NATO have have issued a coordinated, public censure of China for its role in attacks against Exchange servers earlier this year.

Categories: Exploits and vulnerabilities

Tags:

(Read more…)

The post US, EU, UK, NATO blame china for “reckless” Exchange attacks appeared first on Malwarebytes Labs.

Read more

MTR in Real-Time: Exchange ProxyLogon Edition

Credit to Author: Michael Heller| Date: Wed, 17 Mar 2021 16:32:29 +0000

The recently reported collection of Microsoft Exchange Server zero-day vulnerabilities has rocked the infosec world, impacting tens of thousands of organizations around the world, with some estimates exceeding 100,000 and growing by the day. The exploitations seen in the wild were first attributed to a nation state actor dubbed Hafnium, but the vulnerabilities and attacks [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/GdZsNVuZwSw” height=”1″ width=”1″ alt=””/>

Read more

The Malwarebytes 2021 State of Malware report: Lock and Code S02E04

Credit to Author: Malwarebytes Labs| Date: Mon, 15 Mar 2021 18:03:46 +0000

This week on Lock and Code, we discuss the top security headlines and talk to Adam Kujawa about the 2021 State of Malware report.

Categories: Podcast

Tags:

(Read more…)

The post The Malwarebytes 2021 State of Malware report: Lock and Code S02E04 appeared first on Malwarebytes Labs.

Read more

DearCry ransomware: what it is and how to stop it

Credit to Author: Editor| Date: Fri, 12 Mar 2021 20:10:21 +0000

DearCry is a new ransomware variant that exploits the same vulnerabilities in Micosoft Exchange as Hafnium. It creates encrypted copies of the attacked files and deletes the originals. DearCry’s encryption is based on a public-key cryptosystem. The public encryption key is embedded in the ransomware binary, meaning it does not need to contact the attacker’s [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/UWPdGbZMKV8″ height=”1″ width=”1″ alt=””/>

Read more