Proof-of-concept exploit code has been released online for two actively exploited and high-severity vulnerabilities in Microsoft Exchange, collectively known as…
Scammers are impersonating security researchers to sell fake proof-of-concept ProxyNotShell exploits for newly discovered Microsoft Exchange zero-day vulnerabilities. [...]
Microsoft has shared mitigations for two new Microsoft Exchange zero-day vulnerabilities tracked as CVE-2022-41040 and CVE-2022-41082, but researchers warn that…
Microsoft Corp. is investigating reports that attackers are exploiting two previously unknown vulnerabilities in Exchange Server, a technology many organizations…
Ransomware Attackers Bypass Microsoft’s ProxyNotShell Mitigations With Fresh Exploit
The Play ransomware group was spotted exploiting another little-known SSRF bug to trigger RCE on affected Exchange servers.
Exploit released for actively abused ProxyNotShell Exchange bug
Proof-of-concept exploit code has been released online for two actively exploited and high-severity vulnerabilities in Microsoft Exchange, collectively known as…
Microsoft November 2022 Patch Tuesday fixes 6 exploited zero-days, 68 flaws
Today is Microsoft's November 2022 Patch Tuesday, and with it comes fixes for six actively exploited Windows vulnerabilities and a…
Microsoft Exchange servers hacked to deploy LockBit ransomware
Lockbit ransomware affiliates are encrypting victims via Microsoft Exchange servers hacked using exploits targeting unpatched vulnerabilities. [...]
Fake Microsoft Exchange ProxyNotShell exploits for sale on GitHub
Scammers are impersonating security researchers to sell fake proof-of-concept ProxyNotShell exploits for newly discovered Microsoft Exchange zero-day vulnerabilities. [...]
Microsoft Exchange server zero-day mitigation can be bypassed
Microsoft has shared mitigations for two new Microsoft Exchange zero-day vulnerabilities tracked as CVE-2022-41040 and CVE-2022-41082, but researchers warn that…
Worried About the Exchange Zero-Day? Here’s What to Do
While organizations wait for an official patch for the two zero-day flaws in Microsoft Exchange, they should scan their networks…
Microsoft: Two New 0-Day Flaws in Exchange Server
Microsoft Corp. is investigating reports that attackers are exploiting two previously unknown vulnerabilities in Exchange Server, a technology many organizations…