Security News
Microsoft is investigating an Exchange Online false positive issue causing emails containing images to be wrongly tagged as malicious and sent to quarantine. [...]
Microsoft reminded today that Exchange 2016 will reach the end of extended support next year on October 14 and shared guidance for admins who need to decommission outdated servers. [...]
In a historic prisoner exchange between Belarus, Germany, Norway, Russia, Slovenia, and the U.S., two Russian nationals serving time for cybercrime activities have been freed and repatriated to their country. U.S. President Joe Biden called the deal a "Feat of diplomacy," adding "Some of these women and men have been unjustly held for years." Other nations that played a role in the swap include Poland and Turkey.
The Federal Bureau of Investigation (FBI) warns of scammers posing as employees of cryptocurrency exchanges to steal funds from unsuspecting victims. [...]
The United Kingdom's Information Commissioner's Office revealed today that the Electoral Commission was breached in August 2021 because it failed to patch its on-premise Microsoft Exchange Server against ProxyShell vulnerabilities. Tracked as CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207, these security flaws were chained to hack into the commission's Exchange Server 2016 and deploy web shells, which allowed the attackers to gain persistence after installing web shells and backdoors.
Cryptocurrency exchange Gemini is warning it suffered a data breach incident caused by a cyberattack at its Automated Clearing House service provider, whose name was not disclosed. According to the notification, Gemini suffered a third-party data breach when an unauthorized actor breached its vendor's systems between June 3 and June 7, 2024.
Decentralized finance crypto exchange dYdX announced on Tuesday that the website for its older v3 trading platform has been compromised. dYdX also warned users not to visit or interact with the hacked dydx[.
Indian crypto exchange WazirX has revealed it lost virtual assets valued at over $230 million after a cyber attack that has since been linked to North Korea. According to a late Thursday WazirX Xeet, the attack targeted one of its multi-signature wallets - digi-cash lockers that are designed to offer superior security by requiring multiple private keys to authorize a transaction.
"A cyber attack occurred in one of our wallets involving a loss of funds exceeding $230 million," the company said in a statement. The Mumbai-based company said the attack stemmed from a mismatch between the information that was displayed on Liminal's interface and what was actually signed.
Microsoft is rolling out inbound SMTP DANE with DNSSEC for Exchange Online in public preview, a new capability to boost email integrity and security. The SMTP DANE security protocol utilizes a TLS Authentication DNS record to verify the identity of destination mail servers and the authenticity of the certificates used for securing email communication.