Released March 31, 2022, the MITRE Engenuity ATT&CK® Evaluations covered 30 vendors and emulated the Wizard Spider and Sandworm threat groups. Two key measurements that are generated from the testing are Overall Detection and Overall Protection. About MITRE Engenuity: MITRE Engenuity, a subsidiary of MITRE, is a tech foundation for the public good. MITRE’s mission-driven… Continue reading “2022 MITRE ATT&CK Evaluations”
Author Archives: rafaelit
something went wrong OWA Exchange Server
After applying a Security Update (SU) on an Exchange server, you get the error “something went wrong” (error 500) when you try to work with OWA. The two reasons for this error are: applying the SU without elevated admin permissions (running the .msp file from a “cmd window” without “run as administrator”); a missing or expired Auth…
Microsoft March 2022 Patch Tuesday – fixes 71 flaws, 3 zero-days
Microsoft has fixed 71 vulnerabilities, with three classified as Critical. Three of the bugs are listed as publicly known zero-days, but none of them are listed as having been exploited in the wild (thus far): CVE-2022-21990 – Remote Desktop Client Remote Code Execution Vulnerability; CVE-2022-24459 – Windows Fax and Scan Service Elevation of Privilege Vulnerability; CVE-2022-24512 – .NET…
mounts_percent_usage_exceeded – Malware Analysis symantec
On Symantec MAA, when you try to upload a file for manual scanning, you receive the error mounts_percent_usage_exceeded. If you check the MA log you will see “Permission denied…. 500 DELETE”. This means that the worker that deletes old samples is not working as it should because the disk is full. The solution: manually…
Microsoft February 2022 Security Updates
Microsoft has fixed 48 vulnerabilities, including one zero-day vulnerability: CVE-2022-21989 – Windows Kernel Elevation of Privilege Vulnerability. This release consists of security updates for the following products, features and roles: Azure Data Explorer, Kestrel Web Server, Microsoft Dynamics, Microsoft Dynamics GP, Microsoft Edge (Chromium-based), Microsoft Office, Microsoft Office Excel, Microsoft Office Outlook…
Recent emails might not appear in search results in the Microsoft Outlook desktop app KB5008212
After installing the November 22, 2021 or later updates, recent emails might not appear in search results in the Microsoft Outlook desktop app. This issue is related to emails that have been stored locally in PST or OST files. It might affect POP and IMAP accounts, as well as accounts hosted on Microsoft Exchange…
January 2022 updates causing unexpected reboots
Update (18/1/22): Microsoft released OOB updates. They are available for download on the Microsoft Update Catalog, and some of them can also be installed directly through Windows Update as optional updates. UPDATE (17/1/22): Microsoft has confirmed they are investigating the issues. The updates have been removed from Windows Update, but they are available…
Released: January 2022 Exchange Server Security Updates
Microsoft has released security updates for vulnerabilities found in any version of: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019. These updates are available for the following specific builds of Exchange Server. IMPORTANT: If manually installing security updates, you must install the .msp from an elevated command prompt (see Known Issues in the update KB article). Exchange Server 2013 CU23, Exchange…
CLIUSR certificate expiration
What is the CLIUSR Account? With Exchange 2016-19 / Server 2016-19 set up in a DAG, you get an alert in ECP that says “The certificate ‘CLIUSR’ on server ‘servername’ is about to expire on ‘date’”. The CLIUSR account is a local user account created by the Failover Cluster feature. Windows Server Failover Cluster service uses this…
Exchange Anti-Malware Email Stuck in Transport Queues
If you have Exchange on-prem or in hybrid mode: email stuck in transport queues. 1.1.2022 bug… Workaround: bypass the Anti-Malware Engine using the following commands in the Exchange Management Shell:
Set-MalwareFilteringServer -Identity "ServerName" -BypassFiltering $true
Restart-Service MSExchangeTransport
If the environment has multiple servers, you can try this command to update them all at once: get-malwarefilteringserver |…