#proxynotshell نتائج البحث

Reminds me of the #ProxyNotShell warning from the #NCSC about 1000's of vulnerable Microsoft #Exchange Servers in Switzerland in 2022/2023. #trendmicro linkedin.com/posts/michaels…

Selon @onyphe, il y avait là, encore hier, un serveur #Exchange dans une version affectée par #ProxyNotShell. C'est surprenant, au demeurant, car le patch pour la CVE-2023-3519 semble avoir été appliqué sous une semaine.

Nation-state, eCrime and hacktivist threat actors more into data theft and extortion campaigns: Report #Crowdstrike #AdamMeyers #Proxynotshell #Microsoft #Falcon #CloudExploitations #Cyberattacks cio.economictimes.indiatimes.com/news/digital-s…

Accessoirement, @onyphe y voit du #proxynotshell

#ElectoralCommission had internet-facing server with unpatched vuln theregister.com/2023/08/11/ele… #ProxyNotShell #vulnerability could be how UK body got pwned, suggests #infosec expert. #CyberSecurity #Hacking #Hacker #CyberAttack #DataTheft

Dans un communiqué, @FranceRugby évoque une #cyberattaque limitée à son serveur de messagerie. Une serveur #Exchange qui, selon @onyphe, était encore dans une version concernée par #ProxyNotShell, le 7 juin. Un air déjà-vu après #Play vs @Rackspace fin 2022.

Just been notified that @CorribOilGIR are suffering a ransomware attack by the Play ransomware group. Play have been seen using #ProxyNotShell vulns, credential stuffing and access brokers to gain initial access with valid creds. Sad times. #Ransomware

泛化国家安全概念，滥用国家力量，无理打压别国企业，这就是美国霸权 #ProxyNotShell

Ides of March, meet the arghs of December (2022): At the approximate three-month mark for #OWASSRF – aka Son Of #ProxyNotShell -- X-Ops researchers look at how defenders have taken on the fight. news.sophos.com/en-us/2023/03/…

وبحسب الباحثين فإن عدد مجموعات القراصنة يتزايد بسرعات كبيرة، مدعين أنه خلال 2022 ظهر 33 خصمًا جديدًا. وعلاوة على ذلك، لا يزال #القراصنة يستخدمون الثغرات الأمنية المعروفة والأدوات القديمة. ولا تزال ثغرة #Log4Shell تمثل عائقًا كبيرًا بالإضافة إلى ثغرتي #ProxyNotShell و Follina. 6/6

Selon les données de @onyphe, il y a là du #proxynotshell 🤷‍♂️

Exchange サーバと ProxyNotShell：緩和策では攻撃を防げないと Microsoft が警告 #security #exchange #proxynotshell #vulnerability iototsecnews.jp/2023/01/26/mic…

Una investigación de @Bitdefender alerta sobre una nueva ola de ataques que utiliza vulnerabilidades conocidas y cadenas de exploits #ProxyNotShell/OWASSRF para atacar implementaciones locales de #MicrosoftExchange bit.ly/3RnDUH6

#Rackspace hat bekannt gegeben, dass Angreifer bei einem Einbruch auf Kundendaten zugegriffen haben. Der Einbruch fand am 6. Dezember statt. Das Unternehmen ist noch dabei, die Daten der Kunden wiederherzustellen und alle Details des Verstoßes zu untersuchen. #proxynotshell

HackRead: Alert: Microsoft Exchange Servers are under a new wave of cyberattacks in which threat actors are leveraging #ProxyNotShell and #OWASSRF vulnerabilities. Read: hackread.com/ms-exchange-se… #Security #Microsoft #Vulnerability #CyberAttack

Alert: Microsoft Exchange Servers are under a new wave of cyberattacks in which threat actors are leveraging #ProxyNotShell and #OWASSRF vulnerabilities. Read: hackread.com/ms-exchange-se… #Security #Microsoft #Vulnerability #CyberAttack

CVE-2022-41040 & CVE-2022-41082 #proxynotshell

I wrote a quick Nmap script to scan for servers potentially vulnerable to #ProxyNotShell (based on Microsoft's recommended URL blocking rule) I hope it can be useful for someone :) [+] github.com/CronUp/Vulnera… #0day CVE-2022-40140 CVE-2022-41082

One Picture Lesson - #ProxyNotShell #infosec #cybersecurity #TodayCyberNews #bugbounty #Microsoft

#ProxyNotShell latest results

CVE-2022–41040: ProxyNotShell Exchange Vulnerability infosecwriteups.com/cve-2022-41040… #Pentesting #ProxyNotShell #Vulnerability #CyberSecurity #Infosec

#ProxyNotShell vs Double URL encoding. It seems that "{UrlDecode:{REQUEST_URI}}" is not enough either, the server only processes the first encoding 🥹 (must be validated)

Microsoft Exchangeサーバーの脆弱性、CVE-2022-41040とCVE-2022-41082(別名 #ProxyNotShell)が開示されました。悪用された場合リモートからのコード実行が可能となります。本稿では推奨事項と緩和策について解説します。 bit.ly/3VeHgOe

We are reporting out Microsoft Exchange servers still likely vulnerable to CVE-2022-41082 #ProxyNotShell. Nearly 70K IPs found without MS patches applied (based on version info). Previously recommended mitigation techniques can be bypassed by attackers shadowserver.org/what-we-do/net…

Microsoft aún no corrige #proxynotshell blog.segu-info.com.ar/2022/10/micros…

#ProxyNotShell #ProxyShell #bugbountytips #nmap #0day

This is why I LOVE @GreyNoiseIO viz.greynoise.io/tag/exchange-p… #ProxyNotShell CVE-2022-41040 CVE-2022-41082

A few days in, time to check Proxy(Not)Shell mitigation status ! #ProxyNotShell

💣 ProxyNotShell PoC ( 1/2 ) ProxyNotShell this is a new exploit used in the wild takes advantage of the recently published Microsoft Server-Side Request Forgery vulnerability (CVE-2022-41040) #exchange #proxynotshell #ssrf #rce #infosec #bugbounty #cybersecurity #bugbountytip

Desde el CSIRT de Gobierno llamamos a implementar las actualizaciones de seguridad entregadas por #Microsoft ayer, que incluyen parches para las vulnerabilidades de #MicrosoftExchange apodadas "#proxynotshell", CVE-2022-41040 y CVE-2022-41082. Detalles en csirt.gob.cl/noticias/10cnd…

#ProxyNotShell scanner by @q8fawazo github.com/smokeme/ProxyN… List of Dorks 👇 github.com/Vulnmachines/P… #infosec #cybersecuritytips #bugbountytip #bugbountytips

I'm very late to the party... just having a bit of fun with the #proxynotshell thing, I created this Nuclei template that worked for me to check potentially vulnerable Exchanges. It has the latest mitigation bypass '%40owershell'.

.@nas_bench and I wrote some Sigma and YARA rules to detect the exploitation of #ProxyNotShell using the OWASSRF method reported by @crowdstrike Blog post with links to the rules nextron-systems.com/2022/12/23/ext…

CVE-2022-41040 and CVE-2022-41082 (aka #ProxyNotShell) can be used for remote code execution. Read our analysis and suggestions for how to mitigate. bit.ly/3yditAg

Is #ProxyNotShell the New Proxy Hell? #CyberSecurity #infosec #cybercrime buff.ly/3CsSRlc

Really surprised to see so many infosec folks amplify GTSC's attribution of active #ProxyNotShell exploitation to a Chinese actor given how thin the evidence is - good thing only Chinese APTs can speak Chinese! /s