Security News

Microsoft urges admins to patch on-premises Exchange servers
2023-01-26 23:02

Microsoft urged customers today to keep their on-premises Exchange servers patched by applying the latest supported Cumulative Update, so that they are always ready to deploy an emergency security update. "To defend your Exchange servers against attacks that exploit known vulnerabilities, you must install the latest supported CU and the latest SU," the Exchange Team said.

Ransomware severs 1,000 ships from on-shore servers
2023-01-19 11:01

A Norwegian maritime risk management business is getting a lesson in that very area, after a ransomware attack forced its ShipManager software offline and left 1,000 ships without a connection to on-shore servers. DNV said the attack happened on January 7, and updated its report yesterday to say it involved ransomware - but affected vessels are not in any danger and can still operate normally, it added.

Cacti servers under attack by attackers exploiting CVE-2022-46169
2023-01-16 11:21

If you're running the Cacti network monitoring solution and you haven't updated it since early December, now is the time to do it to foil attackers exploiting a critical command injection flaw. Cacti is an open-source front-end app for RRDtool, a system for logging and graphing time series data, i.e., data from sensors and systems that is recorded / collected at regular intervals to create an evolving picture of what one wants to monitor.

Cacti Servers Under Attack as Majority Fail to Patch Critical Vulnerability
2023-01-14 08:11

A majority of internet-exposed Cacti servers have not been patched against a recently fixed critical security vulnerability that has come under active exploitation in the wild. That's according to attack surface management platform Censys, which found only 26 out of a total of 6,427 servers to be running a patched version of Cacti.

Microsoft: Exchange Server 2013 reaches end of support in 90 days
2023-01-12 21:13

Microsoft warned customers today that Exchange Server 2013 will reach its extended end-of-support date 90 days from now, on April 11, 2023. Exchange Server 2013 was released in January 2013 and reached its mainstream end date more than four years ago, in April 2018.

Microsoft: Cuba ransomware hacking Exchange servers via OWASSRF flaw
2023-01-12 19:53

Microsoft says Cuba ransomware threat actors are hacking Microsoft Exchange servers unpatched against a critical server-side request forgery vulnerability also exploited in Play ransomware attacks. Cloud computing provider Rackspace recently confirmed that Play ransomware used a zero-day exploit dubbed OWASSRF targeting this bug to compromise unpatched Microsoft Exchange servers on its network after bypassing ProxyNotShell URL rewrite mitigations.

How to configure an SMTP server in a self-hosted Passbolt instance
2023-01-05 20:50

If you want to use the collaboration features, you must configure an SMTP server. Without an SMTP server configured, you won't be able to share vault items with team members for collaboration, and the system will not be able to send user confirmation emails.

Microsoft: Windows Server 2012 reaches end of support in October
2023-01-04 17:30

Microsoft has reminded customers that the extended support for all editions of Windows Server 2012 and Windows Server 2012 R2 will end on October 10. Although Windows Server 2012 reached its mainstream support end date over four years ago, in October 2018, Microsoft pushed back the end date for extended support five years to allow customers to migrate to newer, under-support Windows Server versions.

Synology Releases Patch for Critical RCE Vulnerability Affecting VPN Plus Servers
2023-01-04 04:28

Synology has released security updates to address a critical flaw impacting VPN Plus Server that could be exploited to take over affected systems. Tracked as CVE-2022-43931, the vulnerability carries a maximum severity rating of 10 on the CVSS scale and has been described as an out-of-bounds write bug in the remote desktop functionality in Synology VPN Plus Server.

Over 60,000 Exchange servers vulnerable to ProxyNotShell attacks
2023-01-03 20:51

More than 60,000 Microsoft Exchange servers exposed online are yet to be patched against the CVE-2022-41082 remote code execution (RCE) vulnerability, one of the two security flaws targeted by...