Microsoft's Exchange team is warning Exchange Online users that many of its customers are being targeted by password spray attacks using its basic authentication. The warning comes as Microsoft begins ...

This story was originally published on Cybersecurity Dive. To receive daily news and insights, subscribe to our free daily Cybersecurity Dive newsletter. The Cybersecurity and Infrastructure Security ...

Microsoft is automatically enabling Windows Extended Protection on Exchange servers after installing this month's 2024 H1 Cumulative Update (aka CU14). Extended Protection (EP) will automatically be ...

Once, reasonable people who cared about security, privacy, and reliability ran their own email servers. Today, the vast majority host their personal email in the cloud, handing off that substantial ...

Microsoft says BlackCat ransomware affiliates are now attacking Microsoft Exchange servers using exploits targeting unpatched vulnerabilities. In at least one incident that Microsoft's security ...

Last year, two high severity, easily exploitable Microsoft Exchange vulnerabilities dubbed ProxyLogon and ProxyShell made waves in the infosec sphere. Nearly a year later, Exchange Server admins are ...

It's finally time for businesses running Exchange Online to switch from Basic Authentication to Modern Authentication before Microsoft disables the former on October 1, 2022, according to the US ...

Microsoft is set to retire Exchange Web Services (EWS) on October 1, 2026, after which it will WS requests from non-Microsoft apps to Exchange Online. The change won't impact EWS in Exchange Server, ...

Microsoft finds high-severity flaw in hybrid Exchange instances Both Exchange Server 2016 and Exchange Server 2019 are affected, and so is Microsoft Exchange Server Subscription Edition A hotfix is ...

Microsoft has confirmed two unpatched Exchange Server zero-day vulnerabilities are being exploited by cybercriminals in real-world attacks. Vietnamese cybersecurity company GTSC, which first ...