Three years ago I wrote a document titled “Removing Exchange’s ability to impact Tier 0 and Tier 1” that was distributed internally at Microsoft as well as to dozens of Microsoft customers as part of Cybersecurity services delivered through Microsoft Consulting Services (MCS). I had always intended to get this document published publicly, but for…
Microsoft Exchange Servers are a high value target, making investigation of them during Incident Response vital, but where do you start? What should you look for? Backdoor implants in the form of webshells hiding in OWA are on the rise. Find out how to hunt webshells and differentiate between legitimate use and attacker activity, using…
I’ll be presenting a brand new session titled “Hunting Webshells on Microsoft Exchange Server” at the 2017 SANS Threat Hunting and Incident Response Summit in New Orleans on April 18th and 19th! My session abstract: “Microsoft Exchange Servers are a high value target, making investigation of them during Incident Response vital, but where do you start?…
If you haven't already heard, I'll be delivering a session at the Microsoft Ignite conference at the McCormick Place in Chicago, Illinois, May 4-8. My session is called "Shut the Front Door! Securing your Messaging Environment". (Session code BRK3109) UPDATED! TIME CHANGE! (Updated again, for some reason the strikethrough text isn't working, removed some text to…
Exchange 2013 CU8, Exchange 2010 SP3 RU9, and Exchange 2007 SP3 RU16 have all been released!
Josh Bryant: Cybersecurity Product Leader and internationally recognized Speaker at several Information Security conferences and events with over 26 years of experience as a proven leader in Cybersecurity, Product Management, Threat Hunting, Incident Response, IT Management, IT Architecture, IT Operations,…
Exchange 2013 CU7, Exchange 2010 SP3 RU8, Exchange 2007 SP3 RU15, and UM Language Packs for CU7, were all released yesterday. These include important security fixes for vulnerabilities outlined in MS14-075. There have been reports of RU8 breaking Outlook connectivity. Because of this, RU8 is being recalled, so expect an RU8v2. For more information, see the…
Due to traveling and the holidays, I'm a little late on getting this out there… Exchange 2010 SP3 RU7 and Exchange 2013 CU6 were both released last week (August 26th 2014). Exchange 2010 SP3 RU7 has a handful of bug fixes, and so far is rather uninteresting and uneventful. Exchange 2013 CU6 on the other hand, has had…
Exchange 2010 SP3 RU6 and Exchange 2013 CU5 were released today! RU6 only contains bug fixes. CU5 includes OAB improvements in addition to bug fixes.
If you haven't noticed already, Exchange 2013 SP1, Exchange 2010 SP3 RU5, and Exchange 2007 SP3 RU13 were all released last week (Feb 25th). I'm a little behind due to traveling for work. I am particularly excited about the new DLP features in Exchange 2013 SP1. A colleague and I personally lobbied the Exchange Product…
The Office 365 Best Practices Analyzer for Exchange Server 2013 is now available! Download it here.