by edward | Jan 26, 2024 | Exchange 2013, Exchange 2016, Exchange 2019
Exchange servers play a crucial role in facilitating email communication within organizations. However, it is important to monitor and secure these servers to prevent unauthorized access and potential security breaches. One way to enhance security is by regularly...
by edward | Jan 22, 2024 | Email Security, Exchange 2013, Exchange 2016, Exchange 2019
In today’s digital landscape, ensuring the security of your email infrastructure is of utmost importance. One crucial step in safeguarding your Barracuda Email Appliance is to keep it up-to-date and protected from potential attacks. This can be achieved by...
by edward | Dec 24, 2023 | Exchange 2016, Exchange 2019
In one of my lab servers, I was busy working on a project and email would just not send. I kept on getting the error below from the consoles output: Error with SMTP server… (451, b’4.7.0 Temporary server error. Please try again later. PRX2′) This...
by edward | Dec 23, 2023 | Exchange 2016, Exchange 2019, Google Captcha
In one of my recent blog posts, we covered brute forcing of the OWA page in Exchange 2019, this also applies to Exchange 2016 and Exchange 2013. If an attacker successfully gains access, they might access an account that has elevated privileges or given enough time,...
by edward | Dec 2, 2023 | Exchange 2016, CVE-2021-33766, Exchange 2019, Kali Linux, ProxyToken
In three of my previous blog posts, we looked at exploiting unpatched/vulnerable Exchange servers with “ProxyLogon”, “ProxyShell” and “ProxyNotShell”. As the exploit lists keep growing, we will look at the “ProxyToken”...
by edward | Nov 30, 2023 | Exchange 2016, ECP_DLP_Policy, Exchange 2019, Kali Linux
I have been covering some of the exploits in Exchange Server in a few of my blog posts and wanted to highlight the fact that I tested another one which allowed me to get a shell on the Exchange Server. Metasploit has a module for the above exploit which worked against...