Security News

Microsoft is investigating an ongoing outage blocking Exchange Online customers worldwide from accessing their mailboxes or sending/receiving emails. Affected users see "550 5.4.1 Recipient address rejected: Access denied" errors when trying to send or when receiving messages, starting today at 1:11 PM UTC. "We're investigating an issue wherein users may be unable to access their Exchange Online mailboxes via any connection method. Additional details can be found within the Service Health Dashboard under EX522020," Microsoft tweeted earlier today.

After having stressed the importance of keeping Exchange servers updated last month, Microsoft is advising administrators to widen the scope of antivirus scanning on those servers. Microsoft Exchange servers in attackers' crosshairs.

Microsoft is recommending that Exchange server users scan certain objects for viruses and other threats that until now had been excluded. Microsoft late last month urged Exchange server users to make sure their systems are up-to-date with the latest Cumulative and Security updates and hardened against cyberattacks.

Microsoft says admins should remove some previously recommended antivirus exclusions for Exchange servers to boost the servers' security. "Keeping these exclusions may prevent detections of IIS webshells and backdoor modules, which represent the most common security issues," the Exchange Team said.

A new malware dubbed 'ProxyShellMiner' exploits the Microsoft Exchange ProxyShell vulnerabilities to deploy cryptocurrency miners throughout a Windows domain to generate profit for the attackers. ProxyShell is the name of three Exchange vulnerabilities discovered and fixed by Microsoft in 2021.

Microsoft has reminded admins that Exchange Server 2013 is reaching its extended end-of-support date in 60 days, on April 11, 2023. The first version of Exchange Server 2013 was released in January 2013, and it reached its mainstream end date four years ago, in April 2018.

The man accused of bringing down decentralized crypto exchange Mango Markets through market manipulation has made his first appearance in court in connection with the theft of millions in cryptocurrency. Avraham Eisenberg was arrested in late December in Puerto Rico in relation to charges [PDF] filed by the US Securities and Exchange Commission, which allege he made off with more than $110 million in crypto "By artificially manipulating the price of certain perpetual futures contracts."

Microsoft is urging customers to keep their Exchange servers updated as well as take steps to bolster the environment, such as enabling Windows Extended Protection and configuring certificate-based signing of PowerShell serialization payloads."Attackers looking to exploit unpatched Exchange servers are not going to go away," the tech giant's Exchange Team said in a post.

Microsoft is urging organizations to protect their Exchange servers from cyberattacks by keeping them updated and hardened, since online criminals are still going after valuable data in the email system. Enterprises need to make sure to install the latest Cumulative Updates and Security Updates on the Exchange servers - and occasionally on Exchange Management Tools workstations - and to run manual tasks like enabling Extended Protection and certificate signing of PowerShell serialization payloads, according to the vendor's Exchange Team.

Microsoft urged customers today to keep their on-premises Exchange servers patched by applying the latest supported Cumulative Update to have them always ready to deploy an emergency security update. "To defend your Exchange servers against attacks that exploit known vulnerabilities, you must install the latest supported CU and the latest SU," The Exchange Team said.