proxyshell

Insights into Ransomware Spread Using Exchange 1-Day Vulnerabilities 1-2

September 26, 2021

Event Overview Recently, NSFOCUS CERT discovered a slew of security incidents that exploited security vulnerabilities (ProxyShell) in Microsoft Exchange. Also, NSFOCUS found that the new LockFile ransomware group LockFile took advantage of these ProxyShell and PetitPotam vulnerabilities to target enterprise domain environments, finally encrypting quite a few hosts from enterprises for ransom. In April, a […]

Search

Subscribe to the NSFOCUS Blog