How to mitigate this Owowa credential stealer and remote access panel.

Copper Contributor

Hi All


Today, I got the following article describing the problem but not the solution. Can anyone know how to protect the Exchange OWA from this problem?


I am using MS Exchange 2016, and OWA is published with WAF.


Thanks in advance.


2 Replies
Just reading this myself an trying to understand if there's anything hybrid users need to do. I think we are ok as all of our mailboxes are hosted in Exchange online, our on premise servers are only for SMTP relays and management but I'm a little unclear.

@Justin SiegardThanks for the replay. What about the on-premises solution of MS Exchange.