Collaborate Disseminate
To mark the January 2023 Patch Tuesday, Microsoft has released patches for 98 CVE-numbered vulnerabilities, including one exploited in the wild (CVE-2023-21674) and one (CVE-2023-21549) that’s been publicly disclosed. Both allow attackers to elev… Continue reading Microsoft plugs actively exploited zero-day hole (CVE-2023-21674)
The MS Exchange exploit chain recently revealed by Crowdstrike researchers is how the Play ransomware gang breached the Rackspace Hosted Exchange email environment, the company confirmed last week. The exploit chains CVE-2022-41082, a RCE flaw, and CVE… Continue reading Rackspace ransomware attack was executed by using previously unknown security exploit
Ransomware-wielding attackers are using a new exploit chain that includes one of the ProxyNotShell vulnerabilities (CVE-2022-41082) to achieve remote code execution on Microsoft Exchange servers. The ProxyNotShell exploit chain used CVE-2022-41040, a S… Continue reading New Microsoft Exchange exploit chain lets ransomware attackers in (CVE-2022-41080)
At the end of September, GTSC reported the finding of two 0-day vulnerabilities in Microsoft Exchange Server, CVE-2022-41040 and CVE-2022-41082. The cybersecurity community dubbed the pair of vulnerabilities ProxyNotShell. Continue reading CVE-2022-41040 and CVE-2022-41082 – zero-days in MS Exchange
Instead of juggling two different sets of contacts, you can keep your iPhone and Outlook contact lists synchronized. Here are four ways to get it done. Continue reading How to Sync Contacts Between Your iPhone & Outlook in 4 Ways
Rackspace has finally confirmed the cause of the ongoing outage of its Hosted Exchange service: it’s ransomware. “As you know, on Friday, December 2nd, 2022, we became aware of suspicious activity and immediately took proactive measures to … Continue reading Rackspace Hosted Exchange outage was caused by ransomware
Cloud computing company Rackspace has suffered a security breach that has resulted in a still ongoing outage of their Hosted Exchange environment. “In order to best protect the environment, this will continue to be an extended outage of Hosted Ex… Continue reading Rackspace Hosted Exchange service outage caused by security incident
We polled our experts from the GReAT team and have gathered a small number of key insights about what APT actors are likely to focus on in 2023. Continue reading Advanced threat predictions for 2023
November 2022 Patch Tuesday is here, with fixes for many vulnerabilities actively exploited in the wild, including CVE-2022-41091, a Windows Mark of the Web bypass flaw, and the ProxyNotShell MS Exchange vulnerabilities. Fixes to prioritize CVE-2022-41… Continue reading Microsoft fixes many zero-days under attack
This report describes several interesting incidents observed by the Kaspersky Managed Detection and Response (MDR) team. We hope that it helps you to stay up to date on the modern threat landscape and to be better prepared for attacks. Continue reading Server-side attacks, C&C in public clouds and other MDR cases we observed