ID | Votes | Profile Description |
---|---|---|
Proxynotshell | 4 | ProxyNotShell is a software vulnerability, specifically a flaw in the design or implementation of Microsoft Exchange Server. It was first identified and exploited through CVE-2022-41082, as reported by Palo Alto Networks' Unit 42. The ProxyNotShell exploit method leveraged an AutoDiscover endpoint t |
Proxylogon | 1 | ProxyLogon is a notable software vulnerability that surfaced in the cybersecurity landscape. It was part of an exploit chain, including CVE-2021-26855, a server-side request forgery (SSRF) vulnerability in Microsoft Exchange Server. This flaw allowed attackers to bypass authentication mechanisms and |
ID | Type | Votes | Profile Description |
---|---|---|---|
No associations to display |
ID | Type | Votes | Profile Description |
---|---|---|---|
No associations to display |
ID | Type | Votes | Profile Description |
---|---|---|---|
Owassrf | Unspecified | 3 | OWASSRF is a software vulnerability that presents a significant security risk to Microsoft Exchange Server systems. It's an exploit method that bypasses ProxyNotShell vulnerability mitigations, allowing for remote code execution on vulnerable servers through Outlook Web Access. This vulnerability ha |
Proxyshell | Unspecified | 2 | ProxyShell is a critical vulnerability affecting Microsoft Exchange email servers. Identified as CVE-2021-34473, it is a flaw in software design or implementation that can be exploited by attackers to gain unauthorized access to systems. The vulnerability was actively exploited by threat actors, cau |
CVE-2022-41040 | Unspecified | 1 | CVE-2022-41040 is a software vulnerability that was discovered in late September 2022, along with another flaw, CVE-2022-41082. These two zero-day vulnerabilities were collectively known as ProxyNotShell. The vulnerabilities were exploited to compromise Microsoft Exchange through the proxy mechanism |
Proxynotshell Cve-2022-41080 | Unspecified | 1 | None |
Proxynotshell Cve-2022-41040 | Unspecified | 1 | None |
CVE-2022-41082 | Unspecified | 1 | CVE-2022-41082 is a critical software vulnerability discovered in Microsoft Exchange Servers, which allows for Remote Code Execution (RCE). This flaw is one of two zero-day vulnerabilities found, the other being CVE-2022-41040. The RCE vulnerability presents a significant threat as it enables attack |
CVE-2022-47966 | Unspecified | 1 | CVE-2022-47966 is a critical vulnerability discovered in Zoho ManageEngine ServiceDesk Plus, a widely used IT management software. The flaw was exploited by malicious actors to gain unauthorized access to the organization's systems and networks. The exploitation started just five days after proof-of |
Source | CreatedAt | Title |
---|---|---|
CERT-EU | 8 months ago | Rackspace racks up $11M in ransomware-related costs |
CERT-EU | 8 months ago | Rackspace racks up $12M in ransomware-related costs |
CrowdStrike | 9 months ago | Patch Tuesday Turns 20: The Impact of Microsoft’s Vulnerability Problem |
CERT-EU | 10 months ago | Florian Roth, Author at Nextron Systems |
CERT-EU | 10 months ago | Time keeps on slippin’ slippin’ slippin’: The 2023 Active Adversary Report for Tech Leaders |
CERT-EU | a year ago | Rackspace Faces Massive Cleanup Costs After Ransomware Attack |
CERT-EU | a year ago | Time keeps on slippin’ slippin’ slippin’: The 2023 Active Adversary Report for Tech Leaders |
CERT-EU | a year ago | Cybersecurity threatscape: Q1 2023 |
CERT-EU | a year ago | Close Quarters Encounters with Third Generation Malware Compels UK and Danish Municipalities to Remodel Vulnerability Management Safeguards |
Checkpoint | a year ago | 26th December – Threat Intelligence Report – Check Point Research |
Checkpoint | a year ago | 9th January – Threat Intelligence Report - Check Point Research |
Unit42 | a year ago | Threat Brief: OWASSRF Vulnerability Exploitation |
Malwarebytes | a year ago | Ransomware in December 2022 |
BankInfoSecurity | a year ago | Play Ransomware Lists A10 Networks on its Leak Site |
CERT-EU | a year ago | Play Ransomware Lists A10 Networks on Its Leak Site |
Securityaffairs | a year ago | Charming Kitten used a new BellaCiao malware in recent wave of attacks |
CERT-EU | a year ago | Dragos releases industrial ransomware analysis for Q1 2023 | #ransomware | #cybercrime – National Cyber Security Consulting |
DARKReading | a year ago | Microsoft Advisories Are Getting Worse |