Month: November 2023

I have been covering some of the exploits in Exchange Server in a few of my blog posts and wanted to highlight the fact that I tested another one which…

In two of my previous blog posts, we looked at exploiting unpatched/vulnerable Exchange servers with “ProxyLogon” and “ProxyShell”. As the exploit lists keep growing, we will look at the “ProxyNotShell”…

In my previous blog post we looked at the Proxy Logon Exploit where several CVE’s could be used to exploit an Exchange Server. In this article we will look at…

Many of us know the HAFNIUM attacks that took place a little while ago and many Exchange servers were compromised. The sad part is that many Exchange Servers are still…

A few years back I wrote a blog post for Exchange 2016 where we used IISCrypto to remove Protocols, Ciphers, Hashes, Key Exchanges etc. that posed a security risk externally…

We all know that end users hate complex passwords and having to change passwords often leads them to use the same password but add a number or character at the…

Performing some tests against my lab Exchange servers, I noticed that Shodan.io revealed information. Take note that attackers also use Shodan.io when enumerating targets. After digging further with NMAP and…

As an IT Admin, mailbox migrations are a constant thing. Moving users to new databases because you have a new database or you trying clean up and old one with…

In the August 2023 Security update (SU) for Exchange Server 2016 and Exchange Server 2019, there was a work around that had to be put in place to remove the…

Sometimes the event logs on Exchange servers throw up errors or warnings that do not appear again. The event ID, 4002 for MSExchange Availability is a broad error/warning/informational alert. Looking…