ID | Votes | Profile Description |
---|---|---|
Proxynotshell | 7 | ProxyNotShell is a software vulnerability, specifically a flaw in the design or implementation of Microsoft Exchange Server. It was first identified and exploited through CVE-2022-41082, as reported by Palo Alto Networks' Unit 42. The ProxyNotShell exploit method leveraged an AutoDiscover endpoint t |
ID | Type | Votes | Profile Description |
---|---|---|---|
APT41 | Unspecified | 1 | APT41, also known as Winnti, Wicked Panda, and Wicked Spider, is a sophisticated threat actor attributed to China. This group has been active since at least 2012, targeting organizations across 14 countries. The group is known for its extensive use of various code families and tools, with at least 4 |
Unc3886 | Unspecified | 1 | UNC3886 is a threat actor with suspected links to China, known for its cyber espionage operations targeting global strategic organizations. Since 2021, this advanced persistent threat (APT) group has been exploiting a VMware zero-day vulnerability, identified as CVE-2023-34048. The cybersecurity ind |
ID | Type | Votes | Profile Description |
---|---|---|---|
CVE-2022-41040 | Unspecified | 3 | CVE-2022-41040 is a software vulnerability that was discovered in late September 2022, along with another flaw, CVE-2022-41082. These two zero-day vulnerabilities were collectively known as ProxyNotShell. The vulnerabilities were exploited to compromise Microsoft Exchange through the proxy mechanism |
CVE-2018-13379 | Unspecified | 2 | CVE-2018-13379 is a critical vulnerability that affects FortiOS and Fortiguard, presenting a flaw in their software design or implementation. This specific vulnerability, which can expose sensitive credentials, has been frequently exploited, making the top 15 most routinely exploited list in both 20 |
Owassrf | Unspecified | 2 | OWASSRF is a software vulnerability that presents a significant security risk to Microsoft Exchange Server systems. It's an exploit method that bypasses ProxyNotShell vulnerability mitigations, allowing for remote code execution on vulnerable servers through Outlook Web Access. This vulnerability ha |
Proxyshell | Unspecified | 2 | ProxyShell is a critical vulnerability affecting Microsoft Exchange email servers. Identified as CVE-2021-34473, it is a flaw in software design or implementation that can be exploited by attackers to gain unauthorized access to systems. The vulnerability was actively exploited by threat actors, cau |
CVE-2023-2868 | Unspecified | 1 | CVE-2023-2868 is a significant software vulnerability that was identified in the Barracuda Email Security Gateway (ESG) appliances. This flaw, specifically a remote command injection vulnerability, was disclosed by Barracuda on May 30th, 2023. The vulnerability had been exploited as early as October |
CVE-2022-41328 | Unspecified | 1 | CVE-2022-41328 is a significant software vulnerability discovered in Fortinet's FortiOS. It was heavily targeted by China-nexus intrusion sets, particularly UNC3886, who exploited the vulnerability to deploy custom malware families on Fortinet and VMware systems. This exploitation occurred in Septem |
CVE-2021-44207 | Unspecified | 1 | CVE-2021-44207 is a significant software vulnerability that was exploited by APT41, a prolific Chinese state-sponsored espionage group known for targeting both public and private sector organizations. This flaw in the USAHerds web application's design or implementation mirrors a previously reported |
Proxynotshell Cve-2022-41040 | Unspecified | 1 | None |
Follina | Unspecified | 1 | Follina, also known as CVE-2022-30190, is a notable software vulnerability that was discovered and exploited in the first half of 2022. This flaw, found in the Microsoft Windows Support Diagnostic Tool (MSDT), was weaponized by TA413, a cyber threat actor group with suspected ties to China. The grou |
Proxynotshell Cve | Unspecified | 1 | None |
CVE-2022-41080 | Unspecified | 1 | CVE-2022-41080 is a significant software vulnerability identified in 2022, specifically a flaw in the design or implementation of Microsoft Exchange Server. This vulnerability enables Server-Side Request Forgery (SSRF), potentially allowing malicious actors to manipulate server requests and execute |
CVE-2023-21529 | Unspecified | 1 | None |
Source | CreatedAt | Title |
---|---|---|
BankInfoSecurity | 7 months ago | Breach Roundup: MongoDB Blames Phishing Email for Breach |
CISA | 7 months ago | #StopRansomware: Play Ransomware | CISA |
CERT-EU | 7 months ago | Play Ransomware: SafeBreach Coverage for US-CERT Alert (AA23-352A) |
CERT-EU | 8 months ago | Over 20,000 vulnerable Microsoft Exchange servers exposed to attacks |
CERT-EU | 10 months ago | Florian Roth, Author at Nextron Systems |
CERT-EU | 10 months ago | My Tea's not cold : an overview of China's cyber threat – Global Security Mag Online |
CERT-EU | 10 months ago | Time keeps on slippin’ slippin’ slippin’: The 2023 Active Adversary Report for Tech Leaders |
Recorded Future | a year ago | Beyond the Code: Unearthing the Subtle Business Ramifications of Six Months in Vulnerabilities |
CERT-EU | a year ago | Time keeps on slippin’ slippin’ slippin’: The 2023 Active Adversary Report for Tech Leaders |
DARKReading | a year ago | 'Play' Ransomware Group Targeting MSPs Worldwide in New Campaign |
CERT-EU | a year ago | Unmasking the top exploited vulnerabilities of 2022 – GIXtools |
CISA | a year ago | 2022 Top Routinely Exploited Vulnerabilities | CISA |
Securityaffairs | a year ago | In 2022, more than 40% of zero-day exploits used in the wild were variations of previous issues |
CERT-EU | a year ago | Cybersecurity threatscape: Q1 2023 |
CERT-EU | a year ago | The attack via Progress MOVEit Transfer |
CERT-EU | a year ago | View the latest outbreak alerts on cyber-attacks | FortiGuard Labs |
DARKReading | a year ago | Microsoft Fixes 69 Bugs, but None Are Zero-Days |
Checkpoint | a year ago | 26th December – Threat Intelligence Report – Check Point Research |
Unit42 | a year ago | Threat Brief: OWASSRF Vulnerability Exploitation |
Securelist | a year ago | CVE-2022-41040 and CVE-2022-41082 – zero-days in MS Exchange |