Proxy Exploit Chains Used To Attack Exchange Servers
The ProxyLogon, ProxyShell, ProxyNotShell, and OWASSRF exploit chains were used to attack Microsoft Exchange servers across a range of sectors including real estate, law firms, manufacturing, consulting, wholesale, and arts and entertainment.
Exploitation of the flaws resulted in systems infected with web shells, ransomware, remote access tools, and backdoors.
Multiple legitimate Windows binaries were used to carry out the attacks including PowerShell, Rundll32, Ping, and Net.
Featured Resources
blog
Proactive Security in Action: What Real-World Gaps Reveal About Cyber Resilience
Today’s threat actors move fast, and reactive security is no longer enough. Most breaches have a common root cause: a
E-book
10 Cybersecurity Exposures You Can’t Afford to Ignore
Lessons from Real-World Exposure Validation Think your defenses are airtight?Even well-funded, mature security programs can leave dangerous gaps. This eBook
blog
Kubernetes Security Best Practices: Insights from Real-World Attack Simulations
Securing Kubernetes in production environments is more than a checkbox exercise. It’s a continuous battle against sophisticated attack vectors. Research