Found 3 bookmarks
Custom sorting
The ticking time bomb of Microsoft Exchange Server 2013
The ticking time bomb of Microsoft Exchange Server 2013
I monitor (in an amateur, clueless way) ransomware groups in my spare time, to see what intelligence can be gained from looking at victim orgs and what went wrong. Basically, I’m a giant big dork with too much free time. I’ve discovered two organisations with ransomware incidents, where the entry point appears to have been Exchange Server 2013 with Outlook Web Access enabled, where all available security updates were applied.
#doublepulsar#EN#2023#analysis#ransomware#Microsoft-Exchange#Exchange-Server2013#risk
·medium.com·
The ticking time bomb of Microsoft Exchange Server 2013
CVE-2022-41040 and CVE-2022-41082 – zero-days in MS Exchange
CVE-2022-41040 and CVE-2022-41082 – zero-days in MS Exchange
At the end of September, GTSC reported the finding of two 0-day vulnerabilities in Microsoft Exchange Server, CVE-2022-41040 and CVE-2022-41082. The cybersecurity community dubbed the pair of vulnerabilities ProxyNotShell.
#securelist#EN#2022#DLL-hijacking#Malware-Descriptions#Microsoft-Exchange#Trojan#Vulnerabilities-and-exploits#Zero-day#CVE-2022-41040#CVE-2022-41082#analysis
·securelist.com·
CVE-2022-41040 and CVE-2022-41082 – zero-days in MS Exchange
CVE-2022-41040 and CVE-2022-41082 – zero-days in MS Exchange
CVE-2022-41040 and CVE-2022-41082 – zero-days in MS Exchange
At the end of September, GTSC reported the finding of two 0-day vulnerabilities in Microsoft Exchange Server, CVE-2022-41040 and CVE-2022-41082. The cybersecurity community dubbed the pair of vulnerabilities ProxyNotShell.
#securelist#EN#2022#DLL-hijacking#Malware-Descriptions#Microsoft-Exchange#Trojan#Vulnerabilities-and-exploits#Zero-day#CVE-2022-41040#CVE-2022-41082#analysis
·securelist.com·
CVE-2022-41040 and CVE-2022-41082 – zero-days in MS Exchange