25 matches found
EUVD-2006-3213
Malware in sbrugna...
New GhostContainer Malware Hits High-Value MS Exchange Servers in Asia
Kaspersky's SecureList reveals GhostContainer, a new, highly customized backdoor targeting government and high-tech organizations in Asia via Exchange server vulnerabilities. Learn how this APT malware operates and how to stay protected...
CVE-2025-3349
creationtimestamp | type | source
---|---|---
2025-04-06 17:06:08+00:00 | seen | https://infosec.exchange/users/vuldb/statuses/114292108038095818
2025-04-07 11:46:04+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/10695
2025-04-07 15:07:13+00:00 | seen | ...
GHSA-F34G-WC2M-MF76
creationtimestamp | type | source
---|---|---
2025-02-03 21:31:04+00:00 | seen | https://infosec.exchange/users/cve/statuses/113942086547212939...
CVE-2024-57918
creationtimestamp | type | source
---|---|---
2025-01-19 12:16:14+00:00 | seen | https://bsky.app/profile/cve-notifications.bsky.social/post/3lg3si4nugl2n
2025-01-19 12:32:34+00:00 | seen | https://infosec.exchange/users/vuldb/statuses/113855034400687613
2025-01-19 13:59:18+00:00 | seen | ...
U.S. Sanctions Chinese Cybersecurity Firm Over Treasury Hack Tied to Silk Typhoon
The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) has imposed sanctions against a Chinese cybersecurity company and a Shanghai-based cyber actor for their alleged links to the Salt Typhoon group and the recent compromise of the federal agency. "People's Republic of China-linked...
CVE-2023-47692
creationtimestamp | type | source
---|---|---
2025-01-02 12:18:04+00:00 | seen | https://bsky.app/profile/cve-notifications.bsky.social/post/3ler2npz3tj2l
2025-01-02 15:53:16+00:00 | seen | https://infosec.exchange/users/cve/statuses/113759564299646704...
CVE-2024-53105
creationtimestamp | type | source
---|---|---
2024-12-02 15:51:23+00:00 | seen | https://infosec.exchange/users/cve/statuses/113584025298809728...
Vulnerabilities fixed in Microsoft Exchange
Microsoft has fixed vulnerabilities in Exchange. A malicious party can exploit the vulnerabilities to impersonate another user and use their privileges to execute arbitrary code or gain access to sensitive data. For successful abuse, the malicious party must b...
CVE-2023-32031
creationtimestamp | type | source
---|---|---
2023-06-14 04:00:00+00:00 | seen | https://www.govcert.gov.hk/en/alertsdetail.php?id=1041
2023-06-14 10:24:46+00:00 | seen | https://t.me/kasperskyb2b/694
2023-06-14 13:25:38+00:00 | seen | https://t.me/truesecator/4496
2023-07-16 08:01:35+00:00 | ...
Rackspace confirms it suffered a ransomware attack
It's not been a great week for cloud computing service provider Rackspace. On December 2, customers began experiencing problems connecting and logging into their Exchange environments. Rackspace started investigating and discovered an issue that affected its Hosted Exchange environments. Now...
PT-2022-14862
ParsedReport 01-10-2022 Analyzing attacks using the Exchange vulnerabilities CVE-2022-41040 and CVE-2022-41082 https://www.microsoft.com/security/blog/2022/09/30/analyzing-attacks-using-the-exchange-vulnerabilities-cve-2022-41040-and-cve-2022-41082 Threats: Chinachopper Backdoor:win32/rewritehttp...
Analyzing attacks using the Exchange vulnerabilities CVE-2022-41040 and CVE-2022-41082
October 1, 2022 update – Added information about Exploit:Script/ExchgProxyRequest.A, Microsoft Defender AV’s robust detection for exploit behavior related to this threat. We also removed a section on MFA as a mitigation, which was included in a prior version of this blog as standard guidance...
Vulnerabilities fixed in Microsoft Windows
Microsoft has fixed vulnerabilities in several components of Windows. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service (DoS); Bypassing authentication; Bypassing security measure; Remote code execution; Administrator/Roo...
Microsoft Patch Tuesday August 2022: DogWalk, Exchange EOPs, 13 potentially dangerous, 2 funny, 3 mysterious vulnerabilities
Hello everyone! In this episode, let's take a look at the Microsoft Patch Tuesday August 2022 vulnerabilities. I use my Vulristics vulnerability prioritization tool as usual. I take comments for vulnerabilities from Tenable, Qualys, Rapid7, ZDI and Kaspersky blog posts. Also, as usual, I take into...
Microsoft Exchange Server Bugs Exploited by ‘Cuba’ Ransomware Gang
The ransomware gang known as “Cuba” is increasingly shifting to exploiting Microsoft Exchange vulnerabilities – including ProxyShell and ProxyLogon – as initial infection vectors, researchers have found. The group has likely been prying open these chinks in victims’ armor as early as last August,...
Exchange, Fortinet Flaws Being Exploited by Iranian APT, CISA Warns
A state-backed Iranian threat actor has been using multiple CVEs – including both serious Fortinet vulnerabilities for months and a Microsoft Exchange ProxyShell weakness for weeks – looking to gain a foothold within networks before moving laterally and launching BitLocker ransomware and other...
MosesStaff Locks Up Targets, with No Ransom Demand, No Decryption
The MosesStaff hacking group is aiming politically motivated, destructive attacks at Israeli targets, looking to inflict the most damage possible, researchers warned. Unlike other anti-Zionist hacktivists like the Pay2Key and BlackShadow gangs, which look to extort their victims and cause...
Microsoft Exchange vulnerabilities exploited once again for ransomware, this time with Babuk
By Chetan Raghuprasad and Vanja Svajcer, with contributions from Caitlin Huey. Cisco Talos recently discovered a malicious campaign deploying variants of the Babuk ransomware predominantly affecting users in the U.S. with a smaller number of infections in the U.K., Germany, Ukraine, Finland, Brazil,...