Tag: Microsoft Exchange

Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Microsoft Exchange high-severity vulnerability

Cybersecurity Threat Advisory: Microsoft Exchange high-severity vulnerability

CVE-2025-53786 is a high-severity vulnerability affecting Microsoft Exchange servers, allowing attackers to move laterally within Microsoft cloud environments and potentially compromise entire domains. Currently, approximately 29,000 Exchange servers remain unpatched, leaving organizations exposed to significant risk. Review the information in...

/ August 13, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Global Microsoft Exchange attack

Cybersecurity Threat Advisory: Global Microsoft Exchange attack

A recent cyber campaign has compromised over 70 Microsoft Exchange servers across 26 countries by injecting JavaScript-based keyloggers into Outlook Web Access (OWA) login pages. Review the details of this Cybersecurity Threat Advisory to safeguard against these vulnerabilities. What is...

/ June 25, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Active exploitation of Microsoft vulnerability

Cybersecurity Threat Advisory: Active exploitation of Microsoft vulnerability

Microsoft announced that a recently disclosed security flaw had been exploited just one day after it released fixes for the vulnerability. CVE-2024-21410, an Exchange Server vulnerability, with a CVSS score of 9.8, allows threat actors to escalate privileges of the...

/ February 21, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical Outlook vulnerability exploited

Cybersecurity Threat Advisory: Critical Outlook vulnerability exploited

Microsoft recently discovered Russian state-sponsored hacker group APT28 (“Fancybear” or “Strontium”) exploiting a critical Outlook flaw to gain access to Microsoft Exchange accounts and steal their critical information. This Cybersecurity Threat Advisory looks at the threat and recommendations to protect...

/ December 6, 2023
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: End-of-Life Microsoft Exchange servers exposed

Cybersecurity Threat Advisory: End-of-Life Microsoft Exchange servers exposed

In this Cybersecurity Threat Advisory, we look at how over 20,000 Microsoft (MS) Exchange email servers across Europe, the U.S., and Asia are at risk of cyberattacks due to running on unsupported software versions. These servers are susceptible to numerous...

/ December 5, 2023
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: New Microsoft Exchange Server zero-day vulnerability

Cybersecurity Threat Advisory: New Microsoft Exchange Server zero-day vulnerability

Researchers from GTSC found a new zero-day vulnerability for Microsoft Exchange Server in the wild. Upon successful exploitation, threat actors can perform RCE (Remote Code Execution) via a backdoor onto the compromised system. GTSC has released a report outlining the...

/ September 30, 2022
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Black Basta Ransomware Group threat

Cybersecurity Threat Advisory: Black Basta Ransomware Group threat

The Black Basta ransomware group is revamping an older malware known as Qbot, Qakbot and Plinkslipbot to exploit the Microsoft Exchange Server. A successful attack will allow threat actors the ability to gain target network access, collect critical personal information,...

/ June 24, 2022