Skip to content

Fix The Exchange!

My Tech Blog, Reborn!
  • Home
  • About

Defending Active Directory Against Cyberattacks

November 22, 2019 Josh Bryant Leave a comment

Back in April of 2016, Zaid Arafeh, Clare Kearney, and I, recorded a 7 part series for the Microsoft Virtual…

Continue Reading →

Hunting Webshells: Tracking TwoFace

September 9, 2019 Josh Bryant Leave a comment

Microsoft Exchange Servers are a high-value target for many adversaries, which makes the investigation of them during Incident Response vital.…

Continue Reading →

The ABCs of Containment, Eradication, and Recovery

August 30, 2019 Josh Bryant Leave a comment

In the physical realm, a successful hunt ends with either a kill or a capture.  While some might enjoy the thrill…

Continue Reading →

Best of Both Worlds: Blending Tactics from the Public and Private Sectors

Josh Bryant Leave a comment

Public and private enterprises face the same threats, and yet often have different approaches to defense. What if you could…

Continue Reading →

The Hitchhiker’s Guide to Data Breaches

Josh Bryant Leave a comment

The results are in, you’ve been breached. It’s officially the worst day of your career. How will you handle what…

Continue Reading →

Reducing the Exchange and Active Directory Attack Surface

February 12, 2019 Josh Bryant Leave a comment

Three years ago I wrote a document titled “Removing Exchange’s ability to impact Tier 0 and Tier 1” that was…

Continue Reading →

Filed under: Active Directory, Cybersecurity, Exchange, Exchange 2010, Exchange 2013, Exchange 2016, Exchange 2019

FixTheExchange.com is 7 years old today!

August 31, 2018 Josh Bryant Leave a comment

How fitting that 7 years after I started this blog I would relaunch it on a new platform (more on…

Continue Reading →

Hunting Webshells on Microsoft Exchange Server

May 8, 2017 Josh Bryant Leave a comment

Microsoft Exchange Servers are a high value target, making investigation of them during Incident Response vital, but where do you…

Continue Reading →

Filed under: Cybersecurity, Exchange 2013, Exchange 2016

Join me at the 2017 SANS Threat Hunting and Incident Response Summit – April 18th and 19th

December 13, 2016 Josh Bryant Leave a comment

I’ll be presenting a brand new session titled “Hunting Webshells on Microsoft Exchange Server” at the 2017 SANS Threat Hunting…

Continue Reading →

Filed under: Cybersecurity, DFIR, Exchange 2010, Exchange 2013, Exchange 2016

Exchange 2016 SP1 to run on Linux!

April 1, 2016 Josh Bryant Leave a comment

Ever since last month’s announcement that Microsoft SQL Server will be coming to Linux, quiet rumors have been floating around…

Continue Reading →

Filed under: April Fools, Exchange 2016

Post navigation

Page 1 of 8
1 2 … 8 Next →

Search

Twitter Feed

Follow @@FixTheExchange
Followers: 745
Chase Dardaman
Josh M. Bryant Retweeted · Chase Dardaman @CharlesDardaman
1 day ago
I recently ran into a blue team that did everything right, all of the “basics” plus had actually baselined their network traffic and had alerts on anything out of place, and my god were they hard to attack
View on Twitter
15
0
Josh M. Bryant
In reply toChris Herd
1 day ago
@chris_herd @Tanium
View on Twitter
0
1
Josh M. Bryant
In reply toSwiftOnSecurity
1 day ago
@SwiftOnSecurity https://t.co/6T7z01GaiH
View on Twitter
FixTheExchange photo
0
0
Josh M. Bryant
In reply toFiona Redmond - job hunting 🏹🖤
2 days ago
@msredmond https://t.co/iY5O3QR5Yc
View on Twitter
FixTheExchange photo
0
1
Josh M. Bryant
In reply toSean Harris
2 days ago
@InfoSecHotSpot I'm usually a sucker for trying whatever the new "limited time only" thing is at all the fast food joints, including BK, but it's been at least 6 months since I went to one.
View on Twitter
0
2
Josh M. Bryant
In reply toLesley Carhart
2 days ago
@hacks4pancakes @akolsuoicauqol Please tell me there's one for "bad boys" because this is amazing. 🤣
View on Twitter
0
6

RSS You had me at EHLO…

  • Customizable Recipient Limits in Office 365 February 19, 2020
    In 1997 Exchange introduced the Recipient Limits setting on user mailboxes. This limits the total number of recipients to which a user can send a single message (the total number of recipients added to the To, CC, and BCC lines of a message). By default, in the Office 365 multi-tenant service this is set to […]
  • Exchange Server and SMBv1 February 12, 2020
    To make sure that your Exchange organization is better protected against the latest threats (for example Emotet, TrickBot or WannaCry to name a few) we recommend disabling SMBv1 if it’s enabled on your Exchange (2013/2016/2019) server. There is no need to run the nearly 30-year-old SMBv1 protocol when Exchange 2013/2016/2019 is installed on your system. […]
  • Calendaring is Really Hard to Code and That’s Why You Were An Hour Late to that Meeting February 11, 2020
    Writing code for calendaring features is hard. Some of you might say writing any kind of code is hard, and you might have a point, but calendaring is particularly tricky. Why’s that? Well, consider time zones for a start – a meeting you set up isn’t necessarily in the same time as it is for […]
  • How to address Federation Trust issues in Hybrid Configuration Wizard (HCW) January 31, 2020
    During my day to day work as a part of support organization, I work with and help troubleshoot Hybrid Configuration Wizard (HCW) failures. One of the more common causes of HCW failures is the Federation Trust step for the Exchange on-premises organizations in Full hybrid configurations (Classic or Modern topologies). Federation trust is a mandatory […]
  • Exchange and SameSite Updates January 24, 2020
    Post updated: 31st January 2020 The Stable release of the Google Chrome web browser (build 80, scheduled for release beginning February 17, 2020) features a change in how cookies are handled. Although the change is intended to discourage malicious cookie tracking, it's also expected to severely affect many applications and services that are based on […]
  • Transport database: understand, size and troubleshoot January 16, 2020
    Introduction Over time, we have seen multiple support tickets where the transport database “mail.que” file grows unexpectedly, which in turn causes various mail flow related issues. In this article, we will provide details about the transport database mail.que and help you avoid issues caused by large database. Understanding backpressure Before jumping into the issue and […]
  • Facebook
  • Twitter
Privacy Policy
Copyright © 2020 Fix The Exchange!