Advertisement
Top
image credit: Adobe Stock

Ransomware Hackers Using New Way to Bypass MS Exchange ProxyNotShell Mitigations

December 21, 2022

Via: The Hacker News
Category:

Threat actors affiliated with a ransomware strain known as Play are leveraging a never-before-seen exploit chain that bypasses blocking rules for ProxyNotShell flaws in Microsoft Exchange Server to achieve remote code execution (RCE) through Outlook Web Access (OWA).

“The new exploit method bypasses URL rewrite mitigations for the Autodiscover endpoint,” CrowdStrike researchers Brian Pitchford, Erik Iker, and Nicolas Zilio said in a technical write-up published Tuesday.

Read More on The Hacker News

RELATED PUBLICATIONS

MITRE says it was hit by hackers exploiting Ivanti flaws
Microsoft Warns: North Korean Hackers Turn to AI-Fueled Cyber Espionage
Hackers Exploit OpenMetadata Flaws to Mine Crypto on Kubernetes

Latest Publications

U.S. Gov imposed Visa restrictions on 13 individuals linked to commercial spyware activity
Report: Russian Hackers Targeting Ukrainian Soldiers on Apps
iPhone Users Are Being Targeted by MFA Bombs, Here’s What We Know
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!