Lucene search
K

8 matches found

The Hacker News
The Hacker News
added 2023/01/06 9:1 a.m.197 views

Rackspace Confirms Play Ransomware Gang Responsible for Recent Breach

Cloud services provider Rackspace on Thursday confirmed that the ransomware gang known as Play was responsible for last month's breach. The security incident, which took place on December 2, 2022, leveraged a previously unknown security exploit to gain initial access to the Rackspace Hosted...

9.8CVSS1.2AI score0.99964EPSS
Exploits16
The Hacker News
The Hacker News
added 2022/12/21 7:41 a.m.406 views

Ransomware Hackers Using New Way to Bypass MS Exchange ProxyNotShell Mitigations

Threat actors affiliated with a ransomware strain known as Play are leveraging a never-before-seen exploit chain that bypasses blocking rules for ProxyNotShell flaws in Microsoft Exchange Server to achieve remote code execution RCE through Outlook Web Access OWA. "The new exploit method bypasses...

9.8CVSS1.8AI score0.99964EPSS
Exploits16
OSV
OSV
added 2022/11/09 10:15 p.m.1 views

CVE-2022-41080

Microsoft Exchange Server Elevation of Privilege Vulnerability...

8.8CVSS7.3AI score0.77326EPSS
Exploits4References2
ATTACKERKB
ATTACKERKB
added 2022/11/09 12:0 a.m.54 views

CVE-2022-41080

Microsoft Exchange Server Elevation of Privilege Vulnerability Recent assessments: zeroSteiner at January 10, 2023 3:53pm UTC reported: This is an alternative method for bypassing Exchange Emergency Mitigation Service EEMS protections for the ProxyNotShell exploit chain. When this CVE is combined...

9.8CVSS8.6AI score0.99964EPSS
In wildExploits11References3
Vulnrichment
Vulnrichment
added 2022/11/09 12:0 a.m.11 views

CVE-2022-41080 Microsoft Exchange Server Elevation of Privilege Vulnerability

...

8.8CVSS8.9AI score0.77326EPSS
Exploits4References1
CVE
CVE
added 2022/11/09 12:0 a.m.821 views

CVE-2022-41080

CVE-2022-41080 is an Elevation of Privilege vulnerability in Microsoft Exchange Server. The connected sources describe it as an unspecified Exchange Privilege Escalation that is chainable with CVE-2022-41082 (which enables RCE). Public technical details in the provided documents are limited: no e...

9.8CVSS9.3AI score0.77326EPSS
In wildExploits4References2Affected Software1
NCSC
NCSC
added 2022/11/08 12:0 a.m.10 views

Vulnerabilities fixed in Microsoft Exchange Server

Microsoft has fixed vulnerabilities in Microsoft Exchange Server. The vulnerabilities allow an authenticated malicious person with access to the victim's network is able to impersonate impersonate another user and/or obtain elevated privileges. Very few details have been made available by Microso...

9.8CVSS6.3AI score0.99964EPSS
Exploits11
Circl
Circl
added 2022/09/30 8:40 a.m.12 views

CVE-2022-41080

creationtimestamp| type| source ---|---|--- 2022-09-30 08:40:20+00:00| seen| https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus14/2022 2022-11-09 14:40:05+00:00| seen| https://t.me/truesecator/3680 2022-11-10 00:46:25+00:00| seen| https://t.me/cibsecurity/52770 2022-12-21 14:45:32+00:00|...

9.8CVSS7.5AI score0.77326EPSS
Exploits4References15
Rows per page
Query Builder