Rocksolid Light

Welcome to novaBBS (click a section below)

mail  files  register  nodelist  faq  login

Whitehead's Law: The obvious answer is always overlooked.


rocksolid / Security / Open season on Outlook servers

SubjectAuthor
* Open season on Outlook serversAnonymous
+- Re: Open season on Outlook serversAnonymous
+- Re: Open season on Outlook serversAnonymous
`- Re: Open season on Outlook serversAnonymous

1
Subject: Open season on Outlook servers
From: Anonymous
Newsgroups: rocksolid.shared.security
Organization: def2
Date: Sat, 6 Mar 2021 09:57 UTC
Path: i2pn2.org!rocksolid2!.POSTED.127.139.135.22!not-for-mail
From: pos...@anon.com (Anonymous)
Newsgroups: rocksolid.shared.security
Subject: Open season on Outlook servers
Date: Sat, 06 Mar 2021 01:57:27 -0800
Organization: def2
Message-ID: <opsec.789.1s3a85@anon.com>
Content-Type: text/plain; charset=UTF-8
Injection-Info: novabbs.org; posting-account="def2"; posting-host="127.139.135.22";
logging-data="26155"; mail-complaints-to="usenet@novabbs.org"
View all headers
https://krebsonsecurity.com/2021/03/at-least-30000-u-s-organizations-newly-hacked-via-holes-in-microsofts-email-software/

Come get it while it's hot....

"White House press secretary Jen Psaki told reporters today the vulnerabilities found in Microsoft’s widely used Exchange servers were “significant,” and “could have far-reaching impacts.”"

lol

--
Posted on def2


Subject: Re: Open season on Outlook servers
From: Anonymous
Newsgroups: rocksolid.shared.security
Organization: novaBBS
Date: Sat, 6 Mar 2021 12:14 UTC
References: 1
Date: Sat, 6 Mar 2021 12:14:32 +0000
Subject: Re: Open season on Outlook servers
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on novabbs
From: Anonym...@novabbs.i2p (Anonymous)
Newsgroups: rocksolid.shared.security
X-Rslight-Site: $2y$10$gRXkBUlZYRpbi7Pc3Mldce0NNOUXxHbcndMLCNbvKDh9Rr/Jbve2K
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
User-Agent: Rocksolid Light (news.novabbs.com/getrslight)
References: <opsec.789.1s3a85@anon.com>
Organization: novaBBS
Message-ID: <f94db44fef950b8d912315fa12e1a655$1@www.novabbs.com>
View all headers
Anonymous wrote:

https://krebsonsecurity.com/2021/03/at-least-30000-u-s-organizations-newly-hacked-via-holes-in-microsofts-email-software/

Come get it while it's hot....

"White House press secretary Jen Psaki told reporters today the vulnerabilities found in Microsoft’s widely used Exchange servers were “significant,” and “could have far-reaching impacts.”"

I doubt a microsoft product will ever be safe. Not that other systems are free from security holes, but ms seems to be playing catch up for years now and they're nowhere near there.
--
Posted on novaBBS
www.novabbs.com



Subject: Re: Open season on Outlook servers
From: Anonymous
Newsgroups: rocksolid.shared.security
Organization: def2
Date: Thu, 11 Mar 2021 16:59 UTC
References: 1
Path: i2pn2.org!rocksolid2!.POSTED.127.139.135.22!not-for-mail
From: pos...@anon.com (Anonymous)
Newsgroups: rocksolid.shared.security
Subject: Re: Open season on Outlook servers
Date: Thu, 11 Mar 2021 08:59:46 -0800
Organization: def2
Message-ID: <opsec.791.ecebv@anon.com>
References: <opsec.789.1s3a85@anon.com>
Content-Type: text/plain; charset=UTF-8
Injection-Info: novabbs.org; posting-account="def2"; posting-host="127.139.135.22";
logging-data="24560"; mail-complaints-to="usenet@novabbs.org"
View all headers
c6c3e461941c65ca58
I doubt a microsoft product will ever be safe.

I agree, and not because the coders at MS are necessarily bad. It really seems to be a question of attitude more than a question of skill. The link goes to an article where they describe how to assess of an exchange server was attacked or not. You guessed it, it boils down to: check for this and that string and for this and that behavior. As if you could trust any such installation ever again...

https://www.microsoft.com/security/blog/2020/06/24/defending-exchange-servers-under-attack/

--
Posted on def2


Subject: Re: Open season on Outlook servers
From: Anonymous
Newsgroups: rocksolid.shared.security
Organization: def2
Date: Fri, 12 Mar 2021 17:51 UTC
References: 1
Attachments: github-microsoft-800x421.png (image/png)
Path: i2pn2.org!rocksolid2!.POSTED.127.139.135.22!not-for-mail
From: pos...@anon.com (Anonymous)
Newsgroups: rocksolid.shared.security
Subject: Re: Open season on Outlook servers
Date: Fri, 12 Mar 2021 09:51:32 -0800
Organization: def2
Message-ID: <opsec.793.1143t4@anon.com>
References: <opsec.789.1s3a85@anon.com>
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary=c01c37e7bb5710deda7c71e4f7c016a42a0d6d99
Injection-Info: novabbs.org; posting-account="def2"; posting-host="127.139.135.22";
logging-data="7022"; mail-complaints-to="usenet@novabbs.org"
View all headers
2d6c87ba4d4e639dd7
and talking about attitude, they are better and faster in depublishing than in fixing their shit:
https://arstechnica.com/gadgets/2021/03/critics-fume-after-github-removes-exploit-code-for-exchange-vulnerabilities/


Attachments: github-microsoft-800x421.png 
1
rocksolid light 0.7.2
clearneti2ptor