In a joint advisory, top cybersecurity authorities from the US, UK, and Australia have pointed fingers at Iran-backed threat actors for ongoing attacks that exploit multiple Microsoft Exchange and Fortinet vulnerabilities. According to the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), and the United […]
Cybersecurity researchers have discovered a new malicious campaign that attempts to exploit the already-fixed ProxyShell vulnerability in Microsoft Exchange email servers together with the Windows PetitPotam vulnerability, once again highlighting the importance of patching vulnerabilities in critical components. The new campaign that hopes to find unpatched vulnerable hosts in order to deploy a variant of […]
ProxyShell is the name given to a series of vulnerabilities — CVE-2021-34473, CVE-2021-34523 and CVE-2021-31207 — that can be chained for unauthenticated remote code execution, allowing an attacker to take complete control of an Exchange server. The flaws were discovered by Orange Tsai, principal researcher at security consulting firm DEVCORE, and they were first demonstrated […]
Latest Comments