“Owowa” stealthily lurks on IIS servers, waiting to harvest successful logins when an Outlook Web Access (OWA) authentication request is made. Researchers have uncovered a previously unknown malicious IIS module,…
Tag: ProxyShell
Unpatched Microsoft Exchange Servers abused in new phishing campaign
The noteworthy aspect of this phishing campaign is that the emails were sent as replies to previously sent messages, due to which these appeared legit. According to the IT security…
IKEA Hit by Email Reply-Chain Cyberattack
IKEA, king of furniture-in-a-flat-box, warned employees on Friday that an ongoing cyberattack was using internal emails to malspam malicious links in active email threads. As of Friday – as in,…
Attackers Hijack Email Threads Using ProxyLogon/ProxyShell Flaws
Exploiting Microsoft Exchange ProxyLogon & ProxyShell vulnerabilities, attackers are malspamming replies in existing threads and slipping past malicious-email filters. Attackers are gnawing on the ProxyLogon and ProxyShell vulnerabilities in Microsoft…
Hackers Exploit ProxyLogon and ProxyShell Bugs in Phishing Blitz
Hackers Exploit ProxyLogon and ProxyShell Bugs in Phishing Blitz Security researchers have warned attackers are abusing months-old Microsoft Exchange Server flaws to send convincing malware-laden phishing emails within organizations. A team…
The IT Sector Targeted by Iranian State Cybercriminals, Microsoft Says
Microsoft declares that Iranian cybercrime organizations have been trying to breach IT services businesses more frequently this year to collect credentials that they could further use to compromise the networks…
Squirrelwaffle Exploits ProxyShell and ProxyLogon to Hijack Email Chains
Trend Micro – Trend Micro – Squirrelwaffle Exploits ProxyShell and ProxyLogon to Hijack Email Chains Exploits & Vulnerabilities Squirrelwaffle is known for using the tactic of sending malicious spam as…
Microsoft Exchange and Fortinet Vulnerabilities Exploited by Iranian APT
An APT assault generally involves a group of highly competent hackers with very specific targets and a “slow and steady” approach to planning and executing their crimes.As Elena mentioned, APT…
US, UK, and Australia pin Iran for exploiting Fortinet and Exchange holes
Image: Fortinet, ZDNet Cyber authorities across the US, UK, and Australia have called for administrators to immediately patch a quartet of vulnerabilities — CVE-2021-34473, 2020-12812, 2019-5591, and 2018-13379 — after…