Source |
SC Magazine |
Identifiant |
8296284 |
Date de publication |
2022-12-21 18:21:25 (vue: 2022-12-30 22:03:49) |
Titre |
Ransomware groups use new exploit to bypass ProxyNotShell mitigations for Microsoft Exchange (Recyclage) |
Texte |
Threat actors affiliated with the Play ransomware strain are leveraging a never-before-seen exploit method that bypasses Microsoft's ProxyNotShell URL rewrite mitigation to gain remote code execution through Outlook Web Access (OWA). |
Envoyé |
Oui |
Condensat |
access actors affiliated are before bypass bypasses code exchange execution exploit gain groups leveraging method microsoft mitigation mitigations for never new outlook owa play proxynotshell ransomware remote rewrite seen strain threat through url use web |
Tags |
Ransomware
|
Stories |
|
Notes |
★
|
Move |
|
Source |
The Hacker News |
Identifiant |
8293320 |
Date de publication |
2022-12-21 13:11:00 (vue: 2022-12-21 09:05:39) |
Titre |
Ransomware Hackers Using New Way to Bypass MS Exchange ProxyNotShell Mitigations (Recyclage) |
Texte |
Threat actors affiliated with a ransomware strain known as Play are leveraging a never-before-seen exploit chain that bypasses blocking rules for ProxyNotShell flaws in Microsoft Exchange Server to achieve remote code execution (RCE) through Outlook Web Access (OWA).
"The new exploit method bypasses URL rewrite mitigations for the Autodiscover endpoint," CrowdStrike researchers Brian Pitchford, |
Envoyé |
Oui |
Condensat |
access achieve actors affiliated are before blocking brian bypass bypasses bypasses url chain code crowdstrike endpoint exchange execution exploit flaws hackers known leveraging method microsoft mitigations mitigations for never new outlook owa pitchford play proxynotshell ransomware rce remote researchers rewrite rules seen server strain the autodiscover threat through using way web |
Tags |
Ransomware
Threat
|
Stories |
|
Notes |
★★★★
|
Move |
|