ProxyToken Vulnerability Allows Stealing Mail Through Microsoft Exchange

A dangerous vulnerability called ProxyToken has been discovered in Microsoft Exchange. An attacker can exploit this problem by making requests to the Exchange Control Panel (ECP) web services and stealing messages from the victim’s mailbox. Initially, the problem was discovered by a VNPT ISC specialist, who reported it to Trend Micro Zero-Day Initiative (ZDI) experts… Continue reading ProxyToken Vulnerability Allows Stealing Mail Through Microsoft Exchange

LockFile ransomware adopts ProxyShell and PetitPotam vulnerabilities

The new LockFile ransomware exploits recently discovered ProxyShell and PetitPotam vulnerabilities to increase its chances of hacking and encrypting corporate networks. Experts from TG Soft and well-known information security researcher Kevin Beaumont reported about the new threat. They write that LockFile operators are using recently discovered vulnerabilities, collectively known as ProxyShell, to attack Microsoft Exchange… Continue reading LockFile ransomware adopts ProxyShell and PetitPotam vulnerabilities

Over 2000 Exchange Servers Hacked Using ProxyShell Exploit

Researchers at Huntress Labs estimate that over the past few days, about 2,000 Microsoft Exchange mail servers have been compromised and infected with backdoors, because their owners have not installed patches to fix ProxyShell vulnerabilities. Let me remind you that the vulnerabilities, which were collectively called ProxyShell, were discussed at the Black Hat conference in… Continue reading Over 2000 Exchange Servers Hacked Using ProxyShell Exploit