In early August 2022, the Vietnam-based Cybersecurity company GTSC, discovered a zero-day vulnerability in the Microsoft Exchange platform, which received the name “ProxyNotShell”.
The Zero Day Initiative (ZDI) acknowledged this as two vulnerabilities – a Server-Side Request Forgery (SSRF) vulnerability and a remote code execution (RCE) vulnerability. Both can be executed, by any user authorized to use the Exchange servers, on any organization running an on-premise Exchange Server presented to the internet or an Outlook Web App facing the internet.
In time, ProxyNotShell might become the next big thing to put companies around the globe at risk, forcing them to use every possible way to mitigate the threat of being brutally compromised.
Microsoft has yet to publish an official patch for these vulnerabilities.
Explore our Exchange ProxyNotShell Vulnerability Spotlight to learn how to keep your organization from becoming the next victim. You will learn about the risk that the ProxyNotShell vulnerability poses, the common attack flow based on this vulnerability, and gain important knowledge about how to detect and mitigate this threat.
Check out the Exchange ProxyNotShell Vulnerability Spotlight Now
Spotlight on APT44 (Sandworm): Defend Against a Notorious Threat APT44—also known as Sandworm, ELECTRUM, and VOODOO BEAR—is a destructive threat group linked to Russia’s Unit […]
Inside This Campaign: Stay Ahead of Emerging ThreatsDiscover Fancy Bear (APT28)•Who they are: A Russian cyber-espionage group linked to military intelligence.•Their mission: Advanced geopolitical intelligence […]
Discover & Defend: Apache OFBiz SpotlightUncover the critical vulnerability lurking in Apache OFBiz, the open-source ERP system at the core of Atlassian JIRA, used by […]
