Microsoft Confirms Two 0-Days Being Exploited Against Exchange Servers

By Deeba Ahmed
The latest attack against Exchange servers utilizes at least two new flaws (CVE-2022-41040, CVE-2022-41082) that have been assigned CVSS scores of 6.3 and 8.8.
This is a post from HackRead.com Read the original post: Microsoft Confirms T… Continue reading Microsoft Confirms Two 0-Days Being Exploited Against Exchange Servers

ProxyShell vulnerabilities exploited in domain-wide ransomware attacks

By Deeba Ahmed
The ProxyShell vulnerabilities have prompted threat actors to launch domain-wide ransomware attacks against their targets.
This is a post from HackRead.com Read the original post: ProxyShell vulnerabilities exploited in domain-wide ranso… Continue reading ProxyShell vulnerabilities exploited in domain-wide ransomware attacks

Conti ransomware affiliates hit Exchange Servers with ProxyShell exploits

By Waqas
Conti ransomware affiliates are exploiting 3 unpatched vulnerabilities that allow unauthenticated, remote code execution on MS Exchange Servers.
This is a post from HackRead.com Read the original post: Conti ransomware affiliates hit Exchange … Continue reading Conti ransomware affiliates hit Exchange Servers with ProxyShell exploits

Unpatched Microsoft Exchange servers hit with ProxyShell attack

By Waqas
Researchers have identified 140+ webshells launched against 1,900 unpatched Microsoft Exchange servers.
This is a post from HackRead.com Read the original post: Unpatched Microsoft Exchange servers hit with ProxyShell attack
Continue reading Unpatched Microsoft Exchange servers hit with ProxyShell attack

Hackers seize severe Microsoft Exchange vulnerabilities in echo of widespread March attacks

A fresh wave of attacks against Microsoft Exchange has government cybersecurity officials on guard for a possible repeat of the chaos hackers rendered earlier this year by exploiting a different vulnerabilities in the popular workplace mail server. The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency issued an urgent warning Saturday that cybercriminals are actively exploiting months-old vulnerabilities in Microsoft’s ProxyShell. CISA recommended that customers update their systems using software patches that Microsoft released in May to address the vulnerabilities. National Security Agency Cybersecurity Director Rob Joyce also urged companies to patch against the vulnerabilities. Huntress Labs first reported the surge in attacks against unpatched Microsoft Exchange servers on Friday. Targeted organizations include “seafood processors, industrial machinery, auto repair shops, a small residential airport and more,”  Huntress Labs CEO Kyle Hanslovan tweeted. As of Sunday, the firm reported 164 total compromised servers. The trio of vulnerabilities can be used to […]

The post Hackers seize severe Microsoft Exchange vulnerabilities in echo of widespread March attacks appeared first on CyberScoop.

Continue reading Hackers seize severe Microsoft Exchange vulnerabilities in echo of widespread March attacks