Hackread.comMay 14

📢⚠️ China-linked #FamousSparrow hacking group targeted an oil and gas firm in #Azerbaijan using the ProxyNotShell exploit chain alongside Deed RAT and Terndoor malware across three persistent attack waves.

Read: https://hackread.com/famoussparrow-oil-gas-ms-exchange-server-exploit/

#CyberSecurity #China #MSExchange #Malware #CyberAttack

FamousSparrow Targeted Oil and Gas Industry via MS Exchange Server Exploit

China-linked FamousSparrow exploited an unpatched Microsoft Exchange server to target Azerbaijan’s oil and gas firm in a multi-wave cyberattack.

Hackread - Cybersecurity News, Data Breaches, AI and More
Michel de Rooij ✅May 9
blog: Hotfix Update Exchange SE (May2026) & (re)run ConfigureExchangeHybridApplication to enable Graph-based rich coexistence workflows https://eightwone.com/2026/05/09/hotfix-update-exchange-se-may2026/ #MSExchange
Hotfix Update Exchange SE (May2026)

The Exchange product group released the May 2026 Hotfix update for Exchange Server SE. Hotfix updates do not contain security fixes, but address issues. They also might introduce or add support for…

EighTwOne (821)
Michel de Rooij ✅May 6
The Exchange Deployment and Compliance Tool has been updated to 1.0.0.0; consult the Changelog for changes https://github.com/michelderooij/EDCA
For example, EDCA is now available from the PowerShell Gallery https://www.powershellgallery.com/packages/EDCA #MSExchange #Security #NIS2 #CIS #ANSSI #BSI #CISA #ISM #DISA
GitHub - michelderooij/EDCA: Exchange Deployment & Compliance Assessment

Exchange Deployment & Compliance Assessment. Contribute to michelderooij/EDCA development by creating an account on GitHub.

GitHub
Michel de Rooij ✅Apr 15
Microsoft has announced Period 2 of the Exchange Server 2016/2019 Extended Security Update (ESU) program. This extension provides continued access to security updates for legacy on‑premises Exchange environments, but it should be viewed strictly as a temporary risk mitigation measure. While ESUs extend time, they do not extend safety nor help avoid inevitable #MSExchange https://xf.ms/Ex20192016ESU2
Announcing Period 2 Exchange 2016/2019 Extended Security Update (ESU) program | Microsoft Community Hub

We created a Period 2 ESU for Exchange customers who need extra time to migrate to Exchange SE.  

TECHCOMMUNITY.MICROSOFT.COM
dmstorkFeb 25
Almost time! Session ‘IAM and Exchange: Frenemies in Hybrid Organizations’ #MSExchange #Exchange #EntraID #Hybrid #ActiveDirectory #SMTP #MSExchangeSummit
dmstorkFeb 24

Würzburg! I am in you!
Feel free to follow me on socials, and if you are here in person and have questions or want to talk: feel free to do so! (Unless I'm working on my deck 🤔😉)

#MSExchange #Exchange #MSExchangeSummit #mvpbuzz

dmstorkFeb 23

This week I'm taking time off from my projects at #Rubicon. Today I'm traveling and on Tuesday and Wednesday I will be joining my friends and peers at the Exchange Summit 2026 in Würzburg, Germany! I'll be talking about "IAM and Exchange: Untangling frenemies in Hybrid organizations". Follow me for updates!

#IAM #Identity #MSExchange #Hybrid #Entra #Microsoft365 #MVPBuzz #MSExchangeSummit

dmstorkFeb 16

This Friday I will online speaking at Workplace Ninjas Denmark 2026 with the session "Mastering Mailflow: Strategies to Protect your Organization" in which I will cover key techniques and strategies that protect your organization's incoming and outgoing mail flow. A topic dear to my heart and is unfortunately something does not have the attention it should.

For more information and free registration: https://www.meetup.com/wpninjasdk/events/312783505/

#SMTP #Security #Mail #MSExchange #Microsoft365

Show threaddmstorkJan 28

The only "irritation" I have is that this is the third time something got changed by the Exchange Team HOURS before an important meeting on breaking changes deadlines. COME ON! 😁

Read more: https://techcommunity.microsoft.com/blog/exchange/updated-exchange-online-smtp-auth-basic-authentication-deprecation-timeline/4489835?WT.mc_id=M365-MVP-5000976

#SMTP #MSExchange #Security #Authentication

Updated Exchange Online SMTP AUTH Basic Authentication Deprecation Timeline | Microsoft Community Hub

We wanted to provide the updated Exchange Online SMTP AUTH Basic Authentication Deprecation Timeline.  

TECHCOMMUNITY.MICROSOFT.COM
dmstorkJan 28
Several hours ago the #MSExchange Team posted an update on the #SMTP AUTH Basic #Authentication timeline. To summarize: the original date of disabling the option of March 2026 is now delayed to H2 2027 for existing tenants. Newly created tenants will have to deal with this from December 2026.