Tag: Microsoft Exchange
Cybersecurity Threat Advisory: Microsoft Exchange high-severity vulnerability
CVE-2025-53786 is a high-severity vulnerability affecting Microsoft Exchange servers, allowing attackers to move laterally within Microsoft cloud environments and potentially compromise entire domains. Currently, approximately 29,000 Exchange servers remain unpatched, leaving organizations exposed to significant risk. Review the information in...
Cybersecurity Threat Advisory: Global Microsoft Exchange attack
A recent cyber campaign has compromised over 70 Microsoft Exchange servers across 26 countries by injecting JavaScript-based keyloggers into Outlook Web Access (OWA) login pages. Review the details of this Cybersecurity Threat Advisory to safeguard against these vulnerabilities. What is...
Cybersecurity Threat Advisory: Active exploitation of Microsoft vulnerability
Microsoft announced that a recently disclosed security flaw had been exploited just one day after it released fixes for the vulnerability. CVE-2024-21410, an Exchange Server vulnerability, with a CVSS score of 9.8, allows threat actors to escalate privileges of the...
Cybersecurity Threat Advisory: Critical Outlook vulnerability exploited
Microsoft recently discovered Russian state-sponsored hacker group APT28 (“Fancybear” or “Strontium”) exploiting a critical Outlook flaw to gain access to Microsoft Exchange accounts and steal their critical information. This Cybersecurity Threat Advisory looks at the threat and recommendations to protect...
Cybersecurity Threat Advisory: End-of-Life Microsoft Exchange servers exposed
In this Cybersecurity Threat Advisory, we look at how over 20,000 Microsoft (MS) Exchange email servers across Europe, the U.S., and Asia are at risk of cyberattacks due to running on unsupported software versions. These servers are susceptible to numerous...
Cybersecurity Threat Advisory: New Microsoft Exchange Server zero-day vulnerability
Researchers from GTSC found a new zero-day vulnerability for Microsoft Exchange Server in the wild. Upon successful exploitation, threat actors can perform RCE (Remote Code Execution) via a backdoor onto the compromised system. GTSC has released a report outlining the...
Cybersecurity Threat Advisory: Black Basta Ransomware Group threat
The Black Basta ransomware group is revamping an older malware known as Qbot, Qakbot and Plinkslipbot to exploit the Microsoft Exchange Server. A successful attack will allow threat actors the ability to gain target network access, collect critical personal information,...
