Browsing tag
The ProxyShell vulnerabilities have prompted threat actors to launch domain-wide ransomware attacks against their targets, revealed a new research report from The DFIR Report. The report, published on Monday, explained that an unnamed and unpatched MS Exchange Server customer was targeted with ransomware attacks, and attackers exploited ProxyShell vulnerabilities to compromise the organization domain-wide. A […]
Researchers have identified 140+ webshells launched against 1,900 unpatched Microsoft Exchange servers. The Cybersecurity & Infrastructure Security Agency (CISA) issued an urgent security alert about a sudden and unexpected rise in ProxyShell attacks. The agency has joined hands with the cybersecurity community to spread awareness among organizations to immediately install the latest security update in […]
According to researchers, threat actors including Conti ransomware affiliates are exploiting 3 unpatched vulnerabilities that allow unauthenticated, remote code execution on MS Exchange Servers. In late August 2021, it was reported that threat actors are targeting unpatched Microsoft Exchange Servers by exploiting ProxyShell exploits. Now, according to independent findings of researchers at Sophos Labs and […]