all InfoSec news
Threat Advisory: Microsoft warns of actively exploited vulnerabilities in Exchange Server
Sept. 30, 2022, 9:16 p.m. | Unknown (noreply@blogger.com)
Cisco Talos Intelligence Group - Comprehensive Threat Intelligence blog.talosintelligence.com
Cisco Talos has released new coverage to detect and prevent the exploitation of two recently disclosed vulnerabilities collectively referred to as "ProxyNotShell," affecting Microsoft Exchange Servers 2013, 2016 and 2019. One of these vulnerabilities could allow an attacker to execute remote code on the targeted server. Limited exploitation of these vulnerabilities in the wild has been reported. CVE-2022-41040 is a Server Side Request Forgery (SSRF) vulnerability, while CVE-2022-41082 enables Remote Code Execution (RCE) when PowerShell is accessible to the attackers. …
actively exploited advisory cve-2022-41040 cve-2022-41082 exchange exchange server microsoft microsoft exchange server threat threat advisory vulnerabilities
More from blog.talosintelligence.com / Cisco Talos Intelligence Group - Comprehensive Threat Intelligence
Jobs in InfoSec / Cybersecurity
Information Technology Specialist II: Network Architect
@ Los Angeles County Employees Retirement Association (LACERA) | Pasadena, CA
Cybersecurity Skills Challenge -- Sponsored by DoD
@ Correlation One | United States
Security Operations Center (SOC) Analyst
@ GK Cybersecurity Group | Remote
Information Security Officer DIGI
@ Citymesh | Oostkamp, Vlaams Gewest, Belgium
Banking Sector | SOC Analyst
@ Devoteam | Porto, Portugal
Principal Cloud Security Engineer
@ Arctic Wolf | Remote - Minnesota