“Owowa” stealthily lurks on IIS servers, waiting to harvest successful logins when an Outlook Web Access (OWA) authentication request is made. Researchers have uncovered a previously unknown malicious IIS module,…
Tag: ProxyShell vulnerabilities
IKEA Hit by Email Reply-Chain Cyberattack
IKEA, king of furniture-in-a-flat-box, warned employees on Friday that an ongoing cyberattack was using internal emails to malspam malicious links in active email threads. As of Friday – as in,…
Attackers Hijack Email Threads Using ProxyLogon/ProxyShell Flaws
Exploiting Microsoft Exchange ProxyLogon & ProxyShell vulnerabilities, attackers are malspamming replies in existing threads and slipping past malicious-email filters. Attackers are gnawing on the ProxyLogon and ProxyShell vulnerabilities in Microsoft…
Hackers Exploit ProxyLogon and ProxyShell Bugs in Phishing Blitz
Hackers Exploit ProxyLogon and ProxyShell Bugs in Phishing Blitz Security researchers have warned attackers are abusing months-old Microsoft Exchange Server flaws to send convincing malware-laden phishing emails within organizations. A team…
Iranian government-backed hackers target critical infrastructure with ransomware, US says
Written by Tim Starks Nov 17, 2021 | CYBERSCOOP U.S., U.K. and Australian cyber agencies on Wednesday accused Iranian government-sponsored hacking groups of exploiting Microsoft and Fortinet vulnerabilities this year…
ProxyShell vulnerabilities exploited in domain-wide ransomware attacks
The ProxyShell vulnerabilities have prompted threat actors to launch domain-wide ransomware attacks against their targets, revealed a new research report from The DFIR Report. The report, published on Monday, explained…
New APT ChamelGang Targets Russian Energy, Aviation Orgs
First appearing in March, the group has been leveraging ProxyShell against targets in 10 countries and employs a variety of malware to steal data from compromised networks. A new APT…
ProxyShell Exchange Exploitation Now Leads To An Increasing Amount Of Cobaltstrike Backdoors
On approximately August 21, 2021, security researchers, cybersecurity leaders, and eventually the CISA, began voicing concerns about the inevitable threat of LockFile ransomware attacks on a wide variety of ill-informed…