Security News

Microsoft Urges Customers to Secure On-Premises Exchange Servers
2023-01-28 10:42

Microsoft is urging customers to keep their Exchange servers updated as well as take steps to bolster the environment, such as enabling Windows Extended Protection and configuring certificate-based signing of PowerShell serialization payloads."Attackers looking to exploit unpatched Exchange servers are not going to go away," the tech giant's Exchange Team said in a post.

Microsoft to enterprises: Patch your Exchange servers
2023-01-28 01:03

Microsoft is urging organizations to protect their Exchange servers from cyberattacks by keeping them updated and hardened, since online criminals are still going after valuable data in the email system. Enterprises need to make sure to install the latest Cumulative Updates and Security Updates on the Exchange servers - and occasionally on Exchange Management Tools workstations - and to run manual tasks like enabling Extended Protection and certificate signing of PowerShell serialization payloads, according to the vendor's Exchange Team.

Microsoft urges admins to patch on-premises Exchange servers
2023-01-26 23:02

Microsoft urged customers today to keep their on-premises Exchange servers patched by applying the latest supported Cumulative Update to have them always ready to deploy an emergency security update. "To defend your Exchange servers against attacks that exploit known vulnerabilities, you must install the latest supported CU and the latest SU," The Exchange Team said.

Microsoft 365 outage takes down Teams, Exchange Online, Outlook
2023-01-25 09:11

Microsoft is investigating an ongoing outage impacting multiple Microsoft 365 services after customers have reported experiencing connection issues."We're investigating issues impacting multiple Microsoft 365 services. We've identified a potential networking issue and are reviewing telemetry to determine the next troubleshooting steps," the Microsoft 365 team said in a Twitter thread. "We've isolated the problem to networking configuration issues, and we're analyzing the best mitigation strategy to address these without causing additional impact."

The Week in Ransomware - January 20th 2023 - Targeting Crypto Exchanges
2023-01-20 22:08

There has been quite a bit of ransomware news this week, with crypto exchanges being seized for alleged money laundering and researchers providing fascinating reports on the behavior of ransomware operators. For those who want to learn more about the rise of the most prominent ransomware operation at this time, you should definitely give DiMaggio's Unlocking LockBit - a Ransomware Story a read. The US and France also conducted a law enforcement operation where they seized the domain and arrested the operator of the Bizlato crypto exchange for allegedly money laundering crypto proceeds generated from ransomware and illegal drug transaction.

Bitzlato Crypto Exchange Founder Arrested for Aiding Cybercriminals
2023-01-19 10:43

The U.S. Department of Justice on Wednesday announced the arrest of Anatoly Legkodymov, the cofounder of Hong Kong-registered cryptocurrency exchange Bitzlato for allegedly processing $700 million in illicit funds. According to court documents, Bitzlato is said to have advertised itself as a virtual currency exchange with minimal identification requirements for its users, breaking the rules requiring the vetting of customers.

Bitzlato crypto exchange seized for ransomware, drugs money laundering
2023-01-18 17:50

The U.S. Department of Justice arrested and charged Russian national Anatoly Legkodymov, the founder of the Hong Kong-registered cryptocurrency exchange Bitzlato, with helping cybercriminals allegedly launder illegally obtained money. Because of "Deficient know-your-customer procedures, Bitzlato allegedly became a haven for criminal proceeds and funds intended for use in criminal activity," the DOJ said.

Crypto exchanges freeze accounts tied to North Korea’s notorious Lazarus Group
2023-01-17 06:29

Two cryptocurrency exchanges have frozen accounts identified as having been used by North Korea's notorious Lazarus Group. Lazarus Group is identified suspected of being a cybercrime crew run by the government of North Korea and is infamous for the WannaCry ransomware, attacking Sony Pictures and stealing secrets from energy companies.

Microsoft: Exchange Server 2013 reaches end of support in 90 days
2023-01-12 21:13

Microsoft warned customers today that Exchange Server 2013 will reach its extended end-of-support date 90 days from now, on April 11, 2023. Exchange Server 2013 was released in January 2013 and has already reached the mainstream end date more than four years ago, in April 2018.

Lawyers slam SEC for 'blatant fishing expedition' after Exchange mega-attack
2023-01-12 20:06

The US Securities and Exchange Commission has sued international law firm Covington & Burling for details about 298 of the biz's clients whose information was accessed by a Chinese state-sponsored hacking group in November 2020. In March 2022, the SEC issued a subpoena asking Covington to hand over information about the security breach including, among other things, all of the affected clients' names, and the amount of information that was accessed or stolen, and communications between the law firm and the clients about the exfiltration.