Microsoft's Exchange team is warning Exchange Online users that many of its customers are being targeted by password spray attacks using its basic authentication. The warning comes as Microsoft begins ...

Microsoft is automatically enabling Windows Extended Protection on Exchange servers after installing this month's 2024 H1 Cumulative Update (aka CU14). Extended Protection (EP) will automatically be ...

This story was originally published on Cybersecurity Dive. To receive daily news and insights, subscribe to our free daily Cybersecurity Dive newsletter. The Cybersecurity and Infrastructure Security ...

Once, reasonable people who cared about security, privacy, and reliability ran their own email servers. Today, the vast majority host their personal email in the cloud, handing off that substantial ...

Microsoft says BlackCat ransomware affiliates are now attacking Microsoft Exchange servers using exploits targeting unpatched vulnerabilities. In at least one incident that Microsoft's security ...

It's finally time for businesses running Exchange Online to switch from Basic Authentication to Modern Authentication before Microsoft disables the former on October 1, 2022, according to the US ...

Last year, two high severity, easily exploitable Microsoft Exchange vulnerabilities dubbed ProxyLogon and ProxyShell made waves in the infosec sphere. Nearly a year later, Exchange Server admins are ...

Microsoft is set to retire Exchange Web Services (EWS) on October 1, 2026, after which it will WS requests from non-Microsoft apps to Exchange Online. The change won't impact EWS in Exchange Server, ...

Microsoft finds high-severity flaw in hybrid Exchange instances Both Exchange Server 2016 and Exchange Server 2019 are affected, and so is Microsoft Exchange Server Subscription Edition A hotfix is ...

Microsoft has confirmed two unpatched Exchange Server zero-day vulnerabilities are being exploited by cybercriminals in real-world attacks. Vietnamese cybersecurity company GTSC, which first ...