A lot number of microsoft Exchange email servers in Europe, the United States, and Asia are at risk because they are accessible on the public internet. These servers are using an old and unsupported version of the software, which makes them vulnerable to multiple security issues, including some that are very serious.
The ShadowServer Foundation found 20,000 Microsoft Exchange servers that have reached the end-of-life stage are still accessible online. Most of these servers are in Europe, but there are also many in North America and Asia.
By infosecbulletin
/ Thursday , September 19 2024
GitLab released patches for a critical flaw in Community and Enterprise Editions that could allow authentication bypass. The vulnerability in...
Read More
By infosecbulletin
/ Thursday , September 19 2024
On September 16, 2024, Globe Pharmaceuticals Ltd., a major pharmaceutical company in Bangladesh, was hit by a ransomware attack detected...
Read More
By infosecbulletin
/ Wednesday , September 18 2024
The FBI has alerted that cyber actors have compromised over 260,000 internet-connected devices, mainly routers, to form a large botnet...
Read More
By infosecbulletin
/ Wednesday , September 18 2024
Google has released Chrome 129 for Windows, Mac, and Linux users. The update will be available gradually over the next...
Read More
By infosecbulletin
/ Wednesday , September 18 2024
Broadcom has fixed a serious VMware vCenter Server vulnerability that allows attackers to execute remote code on unpatched servers through...
Read More
By infosecbulletin
/ Wednesday , September 18 2024
Ransomware groups like BianLian and Rhysida use Microsoft's Azure Storage Explorer and AzCopy to steal data from hacked networks and...
Read More
By infosecbulletin
/ Tuesday , September 17 2024
Apple has released iOS 18, the latest update for iPhones and iPads. Along with new features, it mainly focuses on...
Read More
By infosecbulletin
/ Tuesday , September 17 2024
CISA has warned Microsoft Windows MSHTML Platform Spoofing Vulnerability and Progress WhatsUp Gold SQL Injection Vulnerability actively exploited security flaws,...
Read More
By infosecbulletin
/ Tuesday , September 17 2024
Cybersecurity researcher Jeremiah Fowler found a non-password-protected database with 780,000 records from FleetPanda, a tech provider for dispatch management. The...
Read More
By infosecbulletin
/ Tuesday , September 17 2024
A recent dark web scan revealed that customer data from Dhaka Electric Supply Company Limited (DESCO) has been exposed. The...
Read More
ShadowServer’s statistics may not show the complete situation. Macnica security researcher Yutaka Sejiyama discovered that there are 30,000 Microsoft Exchange servers that are no longer supported. Sejiyama’s scans on Shodan revealed that these unsupported servers include versions such as Exchange Server 2007, Exchange Server 2010, and most instances of Exchange Server 2013.
Outdated Exchange servers found by ShadowServer and Sejiyama have many vulnerabilities that allow remote code execution. An important security problem is ProxyLogon (CVE-2021-26855) which, when combined with another bug (CVE-2021-27065), allows remote code execution. Sejiyama’s analysis shows that around 1,800 vulnerable Exchange systems are exposed to ProxyLogon, ProxyShell, or ProxyToken vulnerabilities.
Organizations have taken steps to deal with these vulnerabilities, but it’s important to know that these measures are not enough. Microsoft advises companies to prioritize updating servers connected to external networks. If servers are no longer supported, upgrading to a version that still receives security updates is the only viable option.
Organizations must act immediately to address the ongoing exploitation of these vulnerabilities and the large number of exposed servers. They should secure their Exchange servers and ensure they are using supported and updated software versions. This will help protect sensitive data and minimize risks.