Discover and read the best of Twitter Threads about #OWA

Most recents (2)

A recent post by Vietnamese cybersecurity company GTSC detailed findings from a #MicrosoftExchange breach that stemmed from CVE-2022-41040 and CVE-2022-41082. @Volexity ties this to a CN threat actor it tracks that targets organizations using #OWA and #Zimbra.
#volexintel 1/7
Specifically the post highlights IP 206.188.196.77, which hosted the domain rkn-redirect[.]net. @Volexity previously identified this domain as a phishing domain targeting #OWA users. Note some subdomains offer clues about the likely targeting.
2/7
.@Volexity has linked the rkn-redirect[.]net domain to several others through domain registration patterns & banner data patterns.
3/7
Read 8 tweets
Cyber-#Armageddon... bei den #Microsoft #Exchange on-prem Versionen 2013, 2016 und 2019...

Die #Cloud Versionen sind nicht anfällig und daher sicher vor diesem Atompilz... 😏

(Ja und für diese Leutz auch der extra Hinweis gleich vorweg: Mit anderer Software ebenfalls. Orrrrrrr)
Problem:
Das Risiko erfolgreicher Angriffe besteht insbesondere für alle aus dem Internet erreichbaren Exchange-Server. Also zB im Falle einer Erreichbarkeit via Outlook Web Access #OWA

Lösungsmöglichkeit:
Verbindung sollte ausschließlich mittels #VPN erfolgen...
Es geht um:
CVE-2021-26855
CVE-2021-26857
CVE-2021-26858
CVE-2021-27065

Hier die Warnung des @BSI_Bund @certbund.

Ja genau, in Stufe 4 / rot!
bsi.bund.de/SharedDocs/Cyb… Image
Read 5 tweets

Related hashtags

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!