ProxyShell Exchange Exploitation Now Leads To An Increasing Amount Of Cobaltstrike Backdoors

On approximately August 21, 2021, security researchers, leaders, and eventually the CISA, began voicing concerns about the inevitable threat of LockFile ransomware attacks on a wide variety of ill-informed and unprepared victims. Threat actors had been caught targeting on-premises Exchange servers via ProxyShell vulnerabilities. These vulnerabilities have been dubbed, “worse than ProxyLogon

Read More: https://blog.morphisec.com/proxyshell-exchange-exploitation-now-leads-to-an-increasing-amount-of-cobaltstrike-backdoors