Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

ProxyNotShell-Microsoft Exchange Vulnerabilities

On September 29, Microsoft Security Threat Intelligence reported two significant zero-day vulnerabilities being exploited in the wild. The two vulnerabilities, named “ProxyNotShell”, affect Microsoft Exchange Server 2013, Exchange Server 2016, and Exchange Server 2019.

Trustwave Action Response: Zero Day Vulnerabilities in Microsoft Exchange Server 2013, 2016, and 2019

Trustwave security teams are aware of two zero-day vulnerabilities (CVE-2022-41040 and CVE-2022-41082) impacting Microsoft Exchange Server 2013, 2016, and 2019 and organizations with Outlook Web Access facing the Internet. If exploited, the vulnerabilities can allow an attacker to elevate privileges and gain remote code execution capability. We immediately investigated the vulnerabilities and potential exploits and continue to monitor the situation.

Microsoft Exchange On-Prem Zero-Day Vulnerabilities Exploited in the Wild

On Thursday, September 29th, 2022, GTSC, a Vietnam-based cybersecurity company, published a blog detailing an intrusion they investigated that chained together two exploits for Microsoft Exchange zero-day vulnerabilities to achieve remote code execution (RCE). Technical details around how to exploit these vulnerabilities were not provided.

Top 5 Hidden Costs of SharePoint Online

If you’re like many organizations that have heavily invested in Microsoft 365, you may be considering, or already attempting, to use SharePoint Online as your company file server. After all, it’s “free” since it’s included in the service, right? While Microsoft has made improvements on the front-end with OneDrive for Business and Teams, there are still many challenges and hidden costs associated with using SharePoint as your primary company file system.

SharePoint Online Security - Best Practice Guide for MSPs

Despite the tight security services provided by Microsoft, we know how frequently SMEs' Office 365 is breached, either intentionally by hackers or inadvertently by carelessness. In such a scenario, it makes us wonder: can we fully trust Microsoft to protect us from malicious actors in 2022? The simple answer is yes. The complicated answer is: Microsoft is as secure as WE configure it. Does that make you uneasy?

Why MSPs need to Reconsider SIEM for Office 365 Security

In 2005, a new market emerged when Gartner coined the term "SIEM", or Security Information and Event Management. Back then, it was a legacy system aggregating event data produced by security devices, systems, network infrastructures and applications. However, it lacked monitoring functionality and was limited to vertical scalability.

Team Up on DevSecOps with JFrog Platform App for Microsoft Teams

The JFrog DevOps Platform is your mission-critical tool for your software development pipelines. The results of key binary management events in Artifactory, Xray, and Distribution can reveal whether or not your software pipelines are on-track to deliver production-quality releases.

Microsoft's Macro Reversal Invites a Resurgence of Office Malware

In January 2022, Microsoft announced that Excel 4.0 macros would be restricted by default, to protect users from malicious macros. In February 2022, Microsoft announced that VBA macros would also be blocked for files downloaded from the internet. Cybersecurity professionals and enthusiasts rejoiced at the news! Malicious Office documents were running rampant. Attackers abused Microsoft Office macros to deliver BazarLoader and Trickbot, and remote access trojans like AveMaria and AgentTesla.

Managing Microsoft 365 Guest Access

Speaking with clients, I find one of the biggest issues they struggle with is how to properly secure Guest access in Microsoft 365 applications. While many organizations had already begun outsourcing their email to M365, most had really only begun looking at the rest of the M365 offering (Teams, SharePoint Online and OneDrive) when COVID hit. Most organizations wound up diving headfirst into this offering in an attempt to deal with the sudden need to work and collaborate with colleagues from home.