Found 13 bookmarks
Custom sorting
A New Attack Surface on MS Exchange Part 4 - ProxyRelay!
A New Attack Surface on MS Exchange Part 4 - ProxyRelay!
Hi, this is a long-time-pending article. We could have published this article earlier (the original bug was reported to MSRC in June 2021 with a 90-days Public Disclosure Policy). However, during communications with MSRC, they explained that since this is an architectural design issue, lots of code changes and testings are expected and required, so they hope to resolve this problem with a one-time CU (Cumulative Update) instead of the regular Patch Tuesday. We understand their situation and agree to extend the deadline.
#devco.re#EN#2022#CVE-2021-26414#CVE-2022-21979#Exchange#Microsoft-Exchange#ProxyRelay
·devco.re·
A New Attack Surface on MS Exchange Part 4 - ProxyRelay!
Warning: New attack campaign utilized a new 0-day RCE vulnerability on Microsoft Exchange Server
Warning: New attack campaign utilized a new 0-day RCE vulnerability on Microsoft Exchange Server
Circa the beginning of August 2022, while doing security monitoring & incident response services, GTSC SOC team discovered that a critical infrastructure was being attacked, specifically to their Microsoft Exchange application. During the investigation, GTSC Blue Team experts determined that the attack utilized an unpublished Exchange security vulnerability, i.e., a 0-day vulnerability, thus immediately came up with a temporary containment plan.
#gteltsc.vn#EN#2022#Microsoft-Exchange#Exchange#0-day#RCE#vulnerability#campaign#IoCs
·gteltsc.vn·
Warning: New attack campaign utilized a new 0-day RCE vulnerability on Microsoft Exchange Server
A New Attack Surface on MS Exchange Part 4 - ProxyRelay!
A New Attack Surface on MS Exchange Part 4 - ProxyRelay!
Hi, this is a long-time-pending article. We could have published this article earlier (the original bug was reported to MSRC in June 2021 with a 90-days Public Disclosure Policy). However, during communications with MSRC, they explained that since this is an architectural design issue, lots of code changes and testings are expected and required, so they hope to resolve this problem with a one-time CU (Cumulative Update) instead of the regular Patch Tuesday. We understand their situation and agree to extend the deadline.
#devco.re#EN#2022#CVE-2021-26414#CVE-2022-21979#Exchange#Microsoft-Exchange#ProxyRelay
·devco.re·
A New Attack Surface on MS Exchange Part 4 - ProxyRelay!
Warning: New attack campaign utilized a new 0-day RCE vulnerability on Microsoft Exchange Server
Warning: New attack campaign utilized a new 0-day RCE vulnerability on Microsoft Exchange Server
Circa the beginning of August 2022, while doing security monitoring & incident response services, GTSC SOC team discovered that a critical infrastructure was being attacked, specifically to their Microsoft Exchange application. During the investigation, GTSC Blue Team experts determined that the attack utilized an unpublished Exchange security vulnerability, i.e., a 0-day vulnerability, thus immediately came up with a temporary containment plan.
#gteltsc.vn#EN#2022#Microsoft-Exchange#Exchange#0-day#RCE#vulnerability#campaign#IoCs
·gteltsc.vn·
Warning: New attack campaign utilized a new 0-day RCE vulnerability on Microsoft Exchange Server