CxoToday
CxoToday
HomePress ReleaseHive ransomware targeting MSFT Exchange via ProxyShell Vulns: Tenable
Press Release

Hive ransomware targeting MSFT Exchange via ProxyShell Vulns: Tenable

CXOtoday News DeskCXOtoday News Desk

“Attackers continue to exploit the ProxyShell vulnerabilities that were initially disclosed more than eight months ago. They have proven to be a reliable resource for attackers since their disclosure, despite patches being available. The latest attacks by an affiliate of the Hive ransomware group are enabled by the ubiquity of Microsoft Exchange and apparent delays in patching these months-old vulnerabilities. Organizations around the world in diverse sectors use Microsoft Exchange for critical business functions, making it an ideal target for threat actors. 

 

“The exploit chain allows attackers to elevate privileges and then execute code remotely, and the availability of proofs-of-concept makes it easy for them to adopt into their playbooks. 

“Because the ProxyShell chain goes from feature bypass, to privilege escalation, to remote code execution, it reduces the amount of reconnaissance and intermediate steps required for attackers to infiltrate target systems.” — Claire Tills, Senior Research Engineer at Tenable

Tags :Tenable
add a comment

Leave a Response

You Might Also Like

CxoToday
CXOtoday is a premier resource on the world of IT, relevant to key business decision makers. We offer IT perspective & news to the C-suite audience. We also provide business and technology news to those who evaluate, invest, and manage the IT infrastructure of organizations. CXOtoday has a well-networked and strong community that encourages discussions on what’s happening in the world of IT and its impact on businesses.

Useful Links

Information

Connect

Facebook Twitter Linkedin

Copyright © 2024 Trivone. All Rights Reserved.

channeltimes
Techtree
SupportBiz
khelnama