Attackers increasingly exploit Microsoft Exchange servers

Posted by & filed under Security Alerts.

Microsoft’s Defender ATP Research Team today issued guidance on how to defend against attacks targeting Exchange servers by blocking malicious activity identified with the help of behavior-based detection. The Microsoft researchers based their analysis on multiple campaigns of Exchange attacks investigated during early April which showed how the malicious actors deploying web shells on on-premises… Read more »

Office 365 now checks docs for known threats before editing

Posted by & filed under Security News.

Microsoft today announced the general availability of the Office 365 Safe Documents security feature which expands the protection provided by Protected View by checking untrusted documents for risks and known threats. Safe Documents — launched in private preview in February — uses Microsoft Defender Advanced Threat Protection (ATP) to scan documents opened in Protected view and block users from… Read more »

Microsoft Releases June 2020 Security Patches For 129 Vulnerabilities

Posted by & filed under Security News.

Microsoft released its June 2020 batch of software security updates that patches a total of 129 newly discovered vulnerabilities affecting various versions of Windows operating systems and related products. This is the third Patch Tuesday update since the beginning of the global Covid-19 outbreak, putting some extra pressure on security teams struggling to keep up… Read more »

Improper Microsoft Patch for Reverse RDP Attacks Leaves 3rd-Party RDP Clients Vulnerable

Posted by & filed under Security Alerts.

Reverse RDP Attack—wherein a client system vulnerable to a path traversal vulnerability could get compromised when remotely accessing a server over Microsoft’s Remote Desktop Protocol, Microsoft though  had patched the vulnerability (CVE-2019-0887) as part of its July 2019 Patch Tuesday update, it turns out researchers were able to bypass the patch just by replacing the… Read more »

Critical Microsoft SharePoint Remote Code Execution Flaw Actively Exploited (CVE-2019-0604)

Posted by & filed under Security Alerts.

The SharePoint flaw first exploited in the wild in May continues to be exploited nine months after it was patched by Microsoft. On December 10, security researcher Kevin Beaumont published a tweet cautioning organizations to patch a Microsoft SharePoint flaw that’s been actively exploited in the wild since at least May, and has since remained a valuable… Read more »