Attention! Four new vulnerabilities in Exchange Server mail software!
by Svenja Koch
Microsoft once again has to close security vulnerabilities in its Exchange Server email software with an update. The software company published updates for Exchange versions 2013, 2016, and 2019 on April 13, 2021 - these were also affected by vulnerabilities that Microsoft had already closed with an update in March 2021. The tip-off about Microsoft's renewed security problems came from the US intelligence service "National Security Agency" (NSA). Microsoft spokespersons explained that they were not currently aware of any malware that was already exploiting the gaps - but the company nevertheless recommended that the updates be installed immediately. Microsoft closed more than 100 vulnerabilities in the package of security updates, including in the Windows operating system, its Edge web browser, and Office office programs.
In the US, the White House also directed government agencies to immediately update their email servers. Deputy Security Advisor Anne Neuberger stressed that the US government had reported the vulnerability to Microsoft because of its responsibility.
According to estimates by IT security experts, tens of thousands of email servers worldwide were attacked via the Exchange vulnerabilities, which initially became known in March. Among other things, the attackers exploited the time delay resulting from the manual installation of the updates - and for this, not all Exchange customers reacted immediately.
Recommendations for action
The BSI strongly recommends installing the security updates provided by Microsoft.
Do you need help clarifying whether your company is also affected?
Contact us!
Related articles
QR codes have been around for almost 30 years. Today, we scan the square codes with our smartphone as a matter of course to release bank orders, create a digital vaccination certificate or retrieve coupons. However, since QR codes are also used by cybercriminals for fraudulent purposes, you should not trust the little squares without limits. You should be especially careful if you receive a QR code via email: A sophisticated phishing attack could be hiding behind it. We show you how to recognize quishing attacks and protect yourself from them.
Read more … Caution, Quishing: Criminals use QR codes for phishing attacks
In early October, the ransomware group Black Basta attacked an IT service provider of the Deutsche Presse-Agentur (dpa), stealing the data records of 1,500 dpa employees as well as pension recipients of the dpa support fund. Two weeks later, the cybercriminals published the first sensitive data of the victims on the darknet. This incident is just one of many attacks associated with the notorious Black Basta ransomware - and there will be many more to come. That's because, as new research shows, the cybercriminals act very similarly to other aggressive hacker groups.
Read more … Black Basta: New findings on the notorious ransomware
The cybersecurity industry is more dynamic and rapidly changing than any other sector. Today's insights may already be outdated tomorrow. Because at the same pace as IT security develops new measures to protect IT infrastructure, networks, and endpoints, cyber criminals bring new tools to the market, refine attack methods, or use unknown techniques to successfully carry out cyber attacks. Anyone who wants to stay as well informed as possible in the multi-layered environment is dependent on regular updates. This applies equally to technically interested users and IT staff. One popular source of information in Germany is the podcast. More than 40% of all Germans regularly listen to podcasts - one fifth of them daily. We asked our IT security consultants for recommendations on ethical hacking and present our top 5 most popular cybersecurity podcasts here.