Lucene search
+L

5 matches found

Information Security Automation
Information Security Automation
added 2021/08/31 11:16 p.m.260 views

Security News: Exchange ProxyShell, Zoom RCE, Citrix Canceled PT Acknowledgments, Cisco No Patch Router RCEs

Hello everyone! This is a new episode with my comments on the latest Information Security news. Exchange ProxyShell I want to start with something about attacks on Exchange. ProxyShell is in the news, the LockFile ransomware compromised more than 2000 servers. On the other hand, there is basicall...

10CVSS9.9AI score0.99999EPSS
Exploits70
ThreatPost
ThreatPost
added 2021/08/31 10:42 a.m.22 views

LockFile Ransomware Uses Never-Before Seen Encryption to Avoid Detection

Researchers discovered a novel ransomware emerging on the heels of the ProxyShell vulnerabilities discovery in Microsoft Exchange servers. The threat, dubbed LockFile, uses a unique “intermittent encryption” method as a way to evade detection as well as adopting tactics from previous ransomware...

7.4AI score
Exploits0References12
The Hacker News
The Hacker News
added 2021/08/28 4:37 p.m.20 views

LockFile Ransomware Bypasses Protection Using Intermittent File Encryption

A new ransomware family that emerged last month comes with its own bag of tricks to bypass ransomware protection by leveraging a novel technique called "intermittent encryption." Called LockFile, the operators of the ransomware have been found exploiting recently disclosed flaws such as ProxyShel...

6.9AI score
Exploits0
hivepro
hivepro
added 2021/08/24 10:35 a.m.876 views

ProxyShell and PetitPotam exploits weaponized by LockFile Ransomware Group

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. LockFile, a new ransomware gang, has been active since last week. LockFile began by using a publicly disclosed PetitPotam exploit CVE-2021-36942 to compromise Windows Domain Controllers earlier this week. Using ProxyShell...

10CVSS0.5AI score0.99999EPSS
Exploits22
ThreatPost
ThreatPost
added 2021/08/23 6:54 p.m.54 views

ProxyShell Attacks Pummel Unpatched Exchange Servers

Over the weekend, the Cybersecurity & Infrastructure Security Agency CISA issued an urgent alert that attackers are actively attacking ProxyShell vulnerabilities in unpatched Microsoft Exchange Servers, joining researchers in urging organizations to immediately install the latest Microsoft Securi...

10CVSS8.9AI score0.99999EPSS
Exploits18References13
Rows per page
Query Builder