The latest attack against Exchange servers utilizes at least two new flaws (CVE-2022-41040, CVE-2022-41082) that have been assigned CVSS scores of 6.3 and 8.8.
September 30, 2022
The ProxyShell vulnerabilities have prompted threat actors to launch domain-wide ransomware attacks against their targets.
November 16, 2021
Conti ransomware affiliates are exploiting 3 unpatched vulnerabilities that allow unauthenticated, remote code execution on MS Exchange Servers.
September 4, 2021
Researchers have identified 140+ webshells launched against 1,900 unpatched Microsoft Exchange servers.
August 26, 2021