Bleeping Computer

Exploit released for actively abused ProxyNotShell Exchange bug

Proof-of-concept exploit code has been released online for two actively exploited and high-severity vulnerabilities in Microsoft Exchange, collectively known as ProxyNotShell. Tracked as ...
Bleeping Computer

Microsoft updates mitigation for ProxyNotShell Exchange zero days

Microsoft has updated the mitigations for the latest Exchange zero-day vulnerabilities tracked as CVE-2022-41040 and CVE-2022-41082, also referred to ProxyNotShell. The initial recommendations were ...
HotHardware

Nearly 70K Unpatched Exchange Servers Are Sitting Ducks For ProxyNotShell Exploit

We all like to think our organization's e-mail is secure—secure in the knowledge that your IT administrator is keeping things up to date, safe, and secure. After all, you have to change your password ...
Dark Reading

Microsoft Confirms Pair of Blindsiding Exchange Zero-Days, No Patch Yet

Microsoft is fast-tracking patches for two Exchange Server zero-day vulnerabilities reported overnight, but in the meantime, businesses should be on the lookout for attacks. The computing giant said ...
Dark Reading

Rackspace: Ransomware Attack Bypassed ProxyNotShell Mitigations

Managed cloud hosting services company Rackspace Technology has confirmed that the massive Dec. 2 ransomware attack that disrupted email services for thousands of its small-to-midsized business ...
IT News For Australia Business

Researchers find new 'ProxyNotShell' Exchange exploit

Security researchers have found a new exploit that allows attackers to remotely execute code through Outlook Web Access (OWA), on Microsoft Exchange Server. Crowdstrike said the new exploit method ...