Security News

Victims of a massive global hack of Microsoft email server software - estimated in the tens of thousands by cybersecurity responders - hustled Monday to shore up infected systems and try to diminish chances that intruders might steal data or hobble their networks. While the hack doesn't pose the kind of national security threat as the more sophisticated SolarWinds campaign, which the Biden administration blames on Russian intelligence officers, it can be an existential threat for victims who didn't install the patch in time and now have hackers lingering in their systems.

Paysafe announces a new multi-year, global deal which will see Microsoft support Paysafe's strategic move to cloud-based transaction services. As part of the collaboration, Paysafe is leveraging Microsoft Azure's open and flexible cloud computing platform and tools for its US payment processing and merchant services.

The European Banking Authority on Sunday said it had been a victim of a cyberattack targeting its Microsoft Exchange Servers, forcing it to temporarily take its email systems offline as a precautionary measure. "As the vulnerability is related to the EBA's email servers, access to personal data through emails held on that servers may have been obtained by the attacker," the Paris-based regulatory agency said.

Early last week, Microsoft revealed that a China-based group called Hafnium has been launching cyberattacks against organizations by exploiting four zero-day vulnerabilities in on-premises versions of its Exchange Server software. Calling this Microsoft Exchange/OWA hack a pretty elaborate attack, Michael Isbitski, Technical Evangelist at Salt Security, told TechRepublic that he suspects this will impact a lot of organizations still operating their own mail infrastructure rather than using a SaaS like Microsoft 365.

Microsoft is working on boosting Exchange Online phishing protection capabilities by adding support for external email message tags to its cloud-based email service. "This will be achieved by presenting a new tag on emails called 'External' in the message list," Microsoft explains in the Microsoft 365 roadmap.

The European Banking Authority, a key EU financial regulator, says it has fallen victim to a hack of its Microsoft email system which the US company blames on a Chinese group. Microsoft said last week that a state-sponsored group operating out of China was exploiting previously unknown security flaws in its Exchange email services to steal data from business and government users, believed to number in the tens of thousands so far.

It is Microsoft Exchange and its drooling minion, Outlook. It's easy to get things wrong in Exchange admin.

Microsoft has pushed out a new update for their Microsoft Safety Scanner tool to detect web shells deployed in the recent Exchange Server attacks. On March 2nd, Microsoft disclosed that four Exchange Server zero-day vulnerabilities were being used in attacks against exposed Outlook on the web servers.

Microsoft has added XLM macro protection for Microsoft 365 customers by expanding the runtime defense provided by Office 365's integration with Antimalware Scan Interface to include Excel 4.0 macro scanning. Microsoft first extended support for its Antimalware Scan Interface to Office 365 client applications in 2018 to defend customers against attacks using VBA macros.

Microsoft has released a PowerShell script that admins can use to check whether the recently disclosed ProxyLogon vulnerabilities have hacked a Microsoft Exchange server. On March 2nd, Microsoft released out-of-band emergency security updates to fix four zero-day vulnerabilities actively used in attacks against Microsoft Exchange.