ProxyShell

MS Exchange Server Flaw: Keylogger Deployment Revealed

| | Africa Cybersecurity, Cybersecurity, Cybersecurity News, Data Privacy, Email Server Security, Endpoint Protection, Incident Response, keylogger, Middle East Cybersecurity, MS Exchange Server, Network Security, patch management, Positive Technologies, ProxyShell, Threat Intelligence, vulnerability
In a recent revelation, an unidentified malicious actor has been exploiting vulnerabilities in Microsoft Exchange Server to infiltrate systems with a keylogger malware, targeting various entities across Africa and the Middle East ...
TuxCare
ProxyShell or ProxyNotShell? Let’s Set The Record Straight

ProxyShell or ProxyNotShell? Let’s Set The Record Straight

| | Application Security, patch management, ProxyNotShell, ProxyShell, Rezilion research, Software Attack Surface Management, software-vulnerabilities, Uncategorized, Vulnerability Management
Before diving into ProxyNotShell, we will start by giving some context regarding the original ProxyShell vulnerabilities. On BlackHat USA 2021, Orange Tsai (a 0-day researcher focusing on web/application security) revealed the three ...
Rezilion
JFK; files, Microsoft Recall security privacy features cybersecurity

Two New Exchange Zero-Days Raise Questions About Microsoft Security

| | Exchange, exchange vulnerability, Microsoft, ProxyShell
Microsoft finally issued CVEs—CVE-2022–41040 and CVE-2022–41082—for two new zero-day vulnerabilities in Exchange, ending a few days of speculation that the duo were, in fact, ProxyShell flaws uncovered in 2021. “I am calling ...
Security Boulevard
Microsoft’s Failure to Prioritize Security Puts Everyone at Risk

Microsoft’s Failure to Prioritize Security Puts Everyone at Risk

| | Anti-Ransomware, antivirus, Cybereason Anti-Ransomware Solution, EDR, Endpoint Controls, endpoint detection and response, Endpoint Protection Platform, enterprise security, EPP, Exploits, Extended Detection and Response, Hafnium, Microsoft, microsoft defender, Microsoft Exchange, Microsoft Hypertext Markup Language, Network Security, Next Generation Antivirus, ngav, ProxyLogon, ProxyShell, SolarWinds Attacks, Unified Endpoint Security, Vulnerabilities, vulnerability
It has been a very busy year when it comes to Microsoft zero-day attacks. According to KrebsOnSecurity, May is the only month in 2021 that Microsoft didn’t release a patch to defend ...
Blog