Security News

Microsoft reveals how hackers breached its Exchange Online accounts
2024-01-26 15:23

On January 12, 2024, Microsoft discovered that Russian hackers breached its systems in November 2023 and stole email from their leadership, cybersecurity, and legal teams.Microsoft now explains that the threat actors used residential proxies and "Password spraying" brute-force attacks to target a small number of accounts, with one of these accounts being a "Legacy, non-production test tenant account."

Preventing Data Loss: Backup and Recovery Strategies for Exchange Server Administrators
2024-01-19 11:24

In the current digital landscape, data has emerged as a crucial asset for organizations, akin to currency. It’s the lifeblood of any organization in today's interconnected and digital world. Thus,...

Microsoft Exchange 2019 has reached end of mainstream support
2024-01-10 16:43

Microsoft announced the end of mainstream support for its Exchange Server 2019 on-premises mail server software on January 9, 2023. "Per the Exchange Server 2019 lifecycle, Exchange Server 2019 is now in Extended support. But, as we said last November, a lot more is coming for Exchange Server 2019," said Microsoft Exchange Product Marketing Manager Scott Schnoll on Monday.

Information-blocking rule in 21st Century Cures Act redefines data exchange in healthcare
2023-12-18 04:30

A Verato survey offers perspectives on the data management strategies of healthcare executives, highlighting the crucial role of Healthcare Master Data Management in addressing key gaps, facilitating seamless data exchange, and aligning with the mandates of the 21st Century Cures Act. The 21st Century Cures Act set standards for the secure and frictionless exchange of data among payers, providers and consumers, including the establishment of an information-blocking rule that was finalized earlier this year.

Ex-Amazon engineer pleads guilty to hacking crypto exchanges
2023-12-15 20:32

Former Amazon security engineer Shakeeb Ahmed pleaded guilty this week to hacking and stealing over $12.3 million from two cryptocurrency exchanges in July 2022. The two affected companies are Nirvana Finance, a decentralized crypto exchange, and an unnamed exchange on the Solana blockchain platform that Ahmed hacked using his blockchain audit and smart contract reverse engineering skills.

Kubescape open-source project adds Vulnerability Exploitability eXchange (VEX) support
2023-12-11 07:57

With its innovative feature for generating reliable Vulnerability Exploitability eXchange documents, Kubescape became the first open-source project to provide this functionality. Vulnerability Exploitability eXchange is a standard that facilitates the sharing and analyzing of information about vulnerabilities and their potential for exploitation.

Founder of Bitzlato Cryptocurrency Exchange Pleads Guilty in Money-Laundering Scheme
2023-12-08 05:41

The Russian founder of the now-defunct Bitzlato cryptocurrency exchange has pleaded guilty, nearly 11 months after he was arrested in Miami earlier this year. Anatoly Legkodymov (aka Anatolii...

Russian pleads guilty to running crypto-exchange used by ransomware gangs
2023-12-07 17:09

Russian national Anatoly Legkodymov pleaded guilty to operating the Bitzlato cryptocurrency exchange that helped ransomware gangs and other cybercriminals launder over $700 million. As a Bitzlato co-founder and principal stakeholder, Legkodymov has agreed to disband the cryptocurrency exchange and relinquish any rights to approximately $23 million in seized assets, as outlined in the plea agreement.

Securities and Exchange Commission Cyber Disclosure Rules: How to Prepare for December Deadlines
2023-12-07 16:47

The U.S. Securities and Exchange Commission's new rules around disclosure of cybersecurity incidents go into effect on Dec. 15 for public companies with fiscal years starting on or after that date.Now, those organizations are asking what they need to alter or enhance about their disclosure procedures, incident response and existing cyber capabilities.

Russian hackers exploiting Outlook bug to hijack Exchange accounts
2023-12-04 20:14

Microsoft's Threat Intelligence team issued a warning earlier today about the Russian state-sponsored actor APT28 actively exploiting the CVE-2023-23397 Outlook flaw to hijack Microsoft Exchange accounts and steal sensitive information. The tech giant also highlighted the exploitation of other vulnerabilities with publicly available exploits in the same attacks, including CVE-2023-38831 in WinRAR and CVE-2021-40444 in Windows MSHTML. Outlook flaw exploitation background.