all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

New Exploit Method Bypasses Official ProxyNotShell Mitigation

Add to bookmarks
Jan. 4, 2023, 12:48 a.m. |

FortiGuard Labs | FortiGuard Center - Threat Signal Report fortiguard.fortinet.com

FortiGuard Labs is aware of reports that threat actors are using a combination of ProxyNotShell vulnerabilities (CVE-2022-41040 and CVE-2022-41082) in combination with Outlook Web Access (OWA) and a server side request forgery (SSRF) in a new exploit chain utilizing PowerShell to obtain a foothold and deliver malware (tools, Play ransomware) within a targeted environment ultimately for persistence. The new exploit vector is a Server Side Request Forgery (SSRF) attack on Outlook Web Access (OWA) which is being dubbed as OWASSRF. …

access aware cve cve-2022-41040 cve-2022-41082 exploit forgery labs malware mitigation official outlook owa play play ransomware powershell ransomware reports request server server side ssrf threat threat actors tools vulnerabilities web

Visit resource

More from fortiguard.fortinet.com / FortiGuard Labs | FortiGuard Center - Threat Signal Report

Check Point Quantum Security Gateways Information Disclosure Vulnerability (CVE-2024-24919) 1 day, 4 hours ago | fortiguard.fortinet.com
NextGen Healthcare Mirth Connect RCE (CVE-2023-43208, CVE-2023-37679) 5 days, 3 hours ago | fortiguard.fortinet.com
code code execution command command injection +29
Genesis Market Malware Attack 1 week, 3 days ago | fortiguard.fortinet.com
attack campaign counterfeit dismantled +26
Google Chromium in Visuals Use-After-Free Vulnerability (CVE-2024-4671) 2 weeks, 5 days ago | fortiguard.fortinet.com
browser can chrome chromium +15
GitLab Password Reset Vulnerability (CVE-2023-7028) 3 weeks, 1 day ago | fortiguard.fortinet.com
account administrator attacker cisa +23
Tinyproxy use-after-free Vulnerability (CVE-2023-49606) 3 weeks, 3 days ago | fortiguard.fortinet.com
actor arbitrary code can code +21
ConnectWise ScreenConnect Vulnerabilities (CVE-2024-1708 and CVE-2024-1709) 3 weeks, 5 days ago | fortiguard.fortinet.com
access advisory application attackers +29
Ignite Realtime Openfire Path Traversal Vulnerability (CVE-2023-32315) 1 month ago | fortiguard.fortinet.com
CrushFTP VFS Sandbox Escape Vulnerability (CVE-2024-4040) 1 month ago | fortiguard.fortinet.com
attackers attacks cisa cisa known exploited vulnerabilities +27

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote
View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC
View on infosec-jobs.com