Security News

Microsoft: Exchange Online mistakenly tags emails as malware
2024-08-26 16:53

Microsoft is investigating an Exchange Online false positive issue causing emails containing images to be wrongly tagged as malicious and sent to quarantine. [...]

Microsoft: Exchange 2016 reaches extended end of support in October
2024-08-08 20:45

​Microsoft reminded today that Exchange 2016 will reach the end of extended support next year on October 14 and shared guidance for admins who need to decommission outdated servers. [...]

U.S. Releases High-Profile Russian Hackers in Diplomatic Prisoner Exchange
2024-08-02 07:24

In a historic prisoner exchange between Belarus, Germany, Norway, Russia, Slovenia, and the U.S., two Russian nationals serving time for cybercrime activities have been freed and repatriated to their country. U.S. President Joe Biden called the deal a "Feat of diplomacy," adding "Some of these women and men have been unjustly held for years." Other nations that played a role in the swap include Poland and Turkey.

FBI warns of scammers posing as crypto exchange employees
2024-08-01 15:28

The Federal Bureau of Investigation (FBI) warns of scammers posing as employees of cryptocurrency exchanges to steal funds from unsuspecting victims. [...]

UK govt links 2021 Electoral Commission breach to Exchange server
2024-07-30 12:00

The United Kingdom's Information Commissioner's Office revealed today that the Electoral Commission was breached in August 2021 because it failed to patch its on-premise Microsoft Exchange Server against ProxyShell vulnerabilities. Tracked as CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207, these security flaws were chained to hack into the commission's Exchange Server 2016 and deploy web shells, which allowed the attackers to gain persistence after installing web shells and backdoors.

Crypto exchange Gemini discloses third-party data breach
2024-07-26 19:31

Cryptocurrency exchange Gemini is warning it suffered a data breach incident caused by a cyberattack at its Automated Clearing House service provider, whose name was not disclosed. According to the notification, Gemini suffered a third-party data breach when an unauthorized actor breached its vendor's systems between June 3 and June 7, 2024.

DeFi exchange dYdX v3 website hacked in DNS hijack attack
2024-07-23 20:08

Decentralized finance crypto exchange dYdX announced on Tuesday that the website for its older v3 trading platform has been compromised. dYdX also warned users not to visit or interact with the hacked dydx[.

North Korea likely behind takedown of Indian crypto exchange WazirX
2024-07-19 05:59

Indian crypto exchange WazirX has revealed it lost virtual assets valued at over $230 million after a cyber attack that has since been linked to North Korea. According to a late Thursday WazirX Xeet, the attack targeted one of its multi-signature wallets - digi-cash lockers that are designed to offer superior security by requiring multiple private keys to authorize a transaction.

WazirX Cryptocurrency Exchange Loses $230 Million in Major Security Breach
2024-07-19 04:07

"A cyber attack occurred in one of our wallets involving a loss of funds exceeding $230 million," the company said in a statement. The Mumbai-based company said the attack stemmed from a mismatch between the information that was displayed on Liminal's interface and what was actually signed.

Exchange Online adds Inbound DANE with DNSSEC for security boost
2024-07-17 19:02

Microsoft is rolling out inbound SMTP DANE with DNSSEC for Exchange Online in public preview, a new capability to boost email integrity and security. The SMTP DANE security protocol utilizes a TLS Authentication DNS record to verify the identity of destination mail servers and the authenticity of the certificates used for securing email communication.