Lucene search
+L

17 matches found

ics
ics
added 2022/11/25 12:0 p.m.93 views

#StopRansomware: Hive Ransomware

Actions to Take Today to Mitigate Cyber Threats from Ransomware: 1. Prioritize remediating known exploited vulnerabilities. 2. Enable and enforce multifactor authentication with strong passwords. 3. Close unused ports and remove any application not deemed necessary for day-to-day operations...

10CVSS8.7AI score0.99999EPSS
Exploits27References54
hivepro
hivepro
added 2022/03/25 4:5 a.m.455 views

Magic Hound Exploiting Old Microsoft Exchange ProxyShell Vulnerabilities

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here APT35 aka Magic Hound, an Iranian-backed threat group, has begun using Microsoft Exchange ProxyShell vulnerabilities as an initial attack vector and to execute code through multiple web shells. The group has primarily targeted...

10CVSS0.9AI score0.99999EPSS
Exploits18
trellix
trellix
added 2022/02/28 12:0 a.m.401 views

Trellix Global Defenders: Analysis and Protections for BlackByte Ransomware

Trellix Global Defenders: Analysis and Protections for BlackByte Ransomware By Taylor Mullins · February 28, 2022 BlackByte Ransomware has been in the news of late due to a successful attack against a National Football League NFL Franchise and a Joint Cybersecurity Advisory by the Federal Bureau ...

0.8AI score0.99999EPSS
Exploits18
checkpoint_advisories
checkpoint_advisories
added 2021/12/16 12:0 a.m.7 views

Microsoft Exchange Server Security Feature Authentication Bypass (CVE-2021-31207)

An authentication bypass vulnerability exists in Microsoft Exchange Server. Successful exploitation of this vulnerability would allow remote attackers to gain unauthorized access into the affected system...

6.5CVSS5.8AI score0.99782EPSS
Exploits11
vulncheck_kev
vulncheck_kev
added 2021/08/30 12:0 a.m.5 views

VulnCheck KEV: CVE-2021-31207

Microsoft Exchange Server contains an unspecified vulnerability that allows for security feature bypass...

6.6CVSS7.2AI score0.99782EPSS
Exploits11References1
hivepro
hivepro
added 2021/08/24 10:35 a.m.876 views

ProxyShell and PetitPotam exploits weaponized by LockFile Ransomware Group

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. LockFile, a new ransomware gang, has been active since last week. LockFile began by using a publicly disclosed PetitPotam exploit CVE-2021-36942 to compromise Windows Domain Controllers earlier this week. Using ProxyShell...

10CVSS0.5AI score0.99999EPSS
Exploits22
malwarebytes
malwarebytes
added 2021/08/23 1:21 p.m.728 views

Patch now! Microsoft Exchange is being attacked via ProxyShell

Last Saturday the Cybersecurity and Infrastructure Security Agency issued an urgent warning that threat actors are actively exploiting three Microsoft Exchange vulnerabilities—CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207. These vulnerabilities can be chained together to remotely execute...

10CVSS9.8AI score0.99999EPSS
Exploits18
cisa
cisa
added 2021/08/21 12:0 a.m.136 views

Urgent: Protect Against Active Exploitation of ProxyShell Vulnerabilities

Malicious cyber actors are actively exploiting the following ProxyShell vulnerabilities: CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207. An attacker exploiting these vulnerabilities could execute arbitrary code on a vulnerable machine. CISA strongly urges organizations to identify vulnerable...

10CVSS2.8AI score0.99999EPSS
In wildExploits18References4
packetstorm
packetstorm
added 2021/08/20 12:0 a.m.1029 views

Microsoft Exchange ProxyShell Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'winrm' class MetasploitModule 'Microsoft Exchange ProxyShell RCE', 'Description' = %q This module exploit a vulnerability on Microsoft Exchange Server that allo...

10CVSS0.3AI score0.99999EPSS
Exploits18
githubexploit
githubexploit
added 2021/08/10 3:1 p.m.493 views

Exploit for Server-Side Request Forgery in Microsoft

Proxyshell-Scanner nuclei scanner for Proxyshell RCE CVE-2021...

10CVSS8.8AI score0.99999EPSS
Exploits17
attackerkb
attackerkb
added 2021/07/14 12:0 a.m.439 views

ProxyShell Exploit Chain

Microsoft Exchange Server Remote Code Execution Vulnerability Recent assessments: ccondon-r7 at August 12, 2021 9:19pm UTC reported: Check out the Rapid7 analysis for details on the exploit chain. Seems like a lot of the PoC implementations so far are using admin mailboxes, but I’d imagine folks...

10CVSS8.7AI score0.99999EPSS
In wildExploits18References10
circl
circl
added 2021/05/12 2:21 p.m.17 views

CVE-2021-31207

creationtimestamp| type| source ---|---|--- 2021-05-12 14:21:07+00:00| seen| https://t.me/truesecator/1705 2021-08-19 15:41:58+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/exchangeproxyshellrce.rb 2021-08-23 12:25:04+00:00| seen|...

6.6CVSS6.9AI score0.99782EPSS
Exploits11References37
thn
thn
added 2021/05/12 9:15 a.m.127 views

Latest Microsoft Windows Updates Patch Dozens of Security Flaws

Microsoft on Tuesday rolled out its scheduled monthly security update with patches for 55 security flaws affecting Windows, Exchange Server, Internet Explorer, Office, Hyper-V, Visual Studio, and Skype for Business. Of these 55 bugs, four are rated as Critical, 50 are rated as Important, and one ...

9.9CVSS9.1AI score0.99782EPSS
Exploits43
nvd
nvd
added 2021/05/11 7:15 p.m.27 views

CVE-2021-31207

Microsoft Exchange Server Security Feature Bypass Vulnerability...

6.6CVSS0.99782EPSS
Exploits11References4
cvelist
cvelist
added 2021/05/11 7:11 p.m.30 views

CVE-2021-31207 Microsoft Exchange Server Security Feature Bypass Vulnerability

...

6.6CVSS7.2AI score0.99782EPSS
Exploits11References3
cve
cve
added 2021/05/11 7:11 p.m.1893 views

CVE-2021-31207

CVE-2021-31207 is one of the ProxyShell chain affecting on-premises Microsoft Exchange Server, enabling post-auth arbitrary-file-write that can lead to remote code execution. Exploitation chains documented in FireEye and related advisories describe initial steps using Autodiscover and MAPI to lea...

6.6CVSS8.2AI score0.99782EPSS
In wildExploits11References4Affected Software1
attackerkb
attackerkb
added 2021/05/11 12:0 a.m.166 views

CVE-2021-31207

Microsoft Exchange Server Security Feature Bypass Vulnerability Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

6.6CVSS2.4AI score0.99782EPSS
In wildExploits11References4
Rows per page
Query Builder