proxyshell – Computer Security Articles

2022’s most routinely exploited vulnerabilities—history repeats

August 7, 2023 admin atlassian, cve-2021-13379, cve-2021-26084, cve-2021-31207, cve-2021-34473, cve-2021-34523, cve-2021-40539, cve-2021-44228, cve-2022-1388, cve-2022-22954, cve-2022-22960, cve-2022-26134, cve-2022-30190, Exploits and vulnerabilities, follina, log4shell, news, proxyshell, zoho manageengine

Categories: Exploits and vulnerabilities

Categories: News

Tags: Zoho ManageEngine

Tags: CVE-2021-40539

Tags: Log4Shell

Tags: CVE-2021-44228

Tags: CVE-2021-13379

Tags: ProxyShell

Tags: CVE-2021-34473

Tags: CVE-2021-31207

Tags: CVE-2021-34523

Tags: CVE-2021-26084

Tags: Atlassian

Tags: CVE-2022-22954

Tags: CVE-2022-22960

Tags: CVE-2022-26134

Tags: CVE-2022-1388

Tags: CVE-2022-30190

Tags: Follina

What can the routinely exploited vulnerabilities of 2022 tell us, and what do we think will make it on to next year’s list?

MalwareBytes Security

[updated]Two new Exchange Server zero-days in the wild

October 4, 2022 admin cve-2022-41040, cve-2022-41082, Exchange, Exploits and vulnerabilities, news, proxyshell, RCE, remote powershell, SSRF, Web Shell

Categories: Exploits and vulnerabilities

Categories: News

Tags: Exchange

Tags: ProxyShell

Tags: remote PowerShell

Tags: web shell

Tags: CVE-2022-41040

Tags: CVE-2022-41082

Tags: SSRF

Tags: RCE

Two ProxyShell-like vulnerabilities are being used to exploit Microsoft Exchange Servers

Security Sophos

Two Exchange Server vulns veer dangerously close to ProxyShell

October 3, 2022 admin Exchange Server, Featured, proxyshell, SSRF, threat research

Credit to Author: Angela Gunn| Date: Mon, 03 Oct 2022 22:03:02 +0000

A chained pair of vulnerabilities, plus PowerShell, affects the Microsoft messaging platform well in advance of Patch Tuesday; Sophos customers are protected

MalwareBytes Security

Two new Exchange Server zero-days in the wild

September 30, 2022 admin cve-2022-41040, cve-2022-41082, Exchange, Exploits and vulnerabilities, news, proxyshell, RCE, remote powershell, SSRF, Web Shell

Categories: Exploits and vulnerabilities

Categories: News

Tags: Exchange

Tags: ProxyShell

Tags: remote PowerShell

Tags: web shell

Tags: CVE-2022-41040

Tags: CVE-2022-41082

Tags: SSRF

Tags: RCE

Two ProxyShell-like vulnerabilities are being used to exploit Microsoft Exchange Servers

(Read more…)

The post Two new Exchange Server zero-days in the wild appeared first on Malwarebytes Labs.

MalwareBytes Security

IIS extensions are on the rise as backdoors to servers

July 27, 2022 admin backdoor, cryptomining, Exploits and vulnerabilities, extensions, iis, modules, proxylogon, proxyshell, reports, Server, wdigest

Credit to Author: Pieter Arntz| Date: Wed, 27 Jul 2022 13:58:06 +0000

The Microsoft 365 Defender Research Team has warned that attackers are increasingly leveraging Internet Information Services (IIS) extensions as covert backdoors into servers.

The post IIS extensions are on the rise as backdoors to servers appeared first on Malwarebytes Labs.

MalwareBytes Security