BACKGROUND:
Following warnings from CISA of malicious cyber actors targeting ProxyShell vulnerabilities, there is growing concern that more government and organization systems could be exposed.
Experts Comments
Attackers began scanning for servers vulnerable to the ProxyShell attack chain almost as soon as Orange Tsai’s presentation went live. Given the popularity of its predecessor, ProxyLogon, with attackers, we knew exploitation was coming. These vulnerabilities are likely popular because of the ubiquity of Microsoft Exchange — threat actors know they have a higher potential for successful attacks by targeting services like this. The former success of attacks leveraging ProxyLogon also draws attackers to ProxyShell, relying on attacks and tactics known to work.
ProxyShell is now being used to deploy the LockFile ransomware and I expect other actors will integrate it into their attacks. The threat is certainly real, as CISA warned organizations over the weekend of in-the-wild exploitation. To protect against attacks, organizations should ensure they’re applying the patches released in April and May for Microsoft Exchange Servers.
@Claire Tills, Senior Research Engineer, provides expert commentary at @Information Security Buzz.