關於 proxylogon ，我們在網路上蒐集到這些相關的討論、資訊與評價

#11. Squirrelwaffle Exploits ProxyShell and ProxyLogon to Hijack ...

We look into how by investigating its exploit of Microsoft Exchange Server vulnerabilities, ProxyLogon and ProxyShell.

#12. 台灣白帽駭客資安團隊DEVCORE 表示率先發現微軟 ... - Cool3c

此次揭露的「ProxyLogon」漏洞，是以無需驗證即可使用的遠端程式碼執行(Pre-Auth Remote Code Execution；Pre-Auth RCE)零日漏洞(Zero-day exploit)， ...

#13. Attackers Hijack Email Using Proxy Logon/Proxyshell Flaws

Exploiting Microsoft Exchange ProxyLogon & ProxyShell vulnerabilities, attackers are malspamming replies in existing threads and slipping ...

#14. Exchange 0-Day Exploits (aka "ProxyLogon") - LinkedIn

Exchange 0-Day Exploits (aka "ProxyLogon"): Quickly Detecting Exposure and Exploitation: What You Should Do.

#15. 多個駭客組織鎖定微軟ProxyLogon漏洞

資安業者ESET於3月10日揭露，逾10個駭客組織鎖定統稱為ProxyLogon之4個Exchange Server安全漏洞，且於微軟發布修補程式後，相關惡意Web Shell數量大幅 ...

#16. ProxyLogon Vulnerability: Remediation Guide - Insane ...

ProxyLogon Vulnerability: Remediation Guide. David Rudduck · March 12, 2021; 11:56 am. The below information is a guide compiled by our global response ...

#17. Test-ProxyLogon - Microsoft - CSS-Exchange

ps1. Download the latest release: Test-ProxyLogon.ps1. Formerly known as Test-Hafnium, this script automates all four of the commands found in ...

#18. Latest ProxyLogon news - Bleeping Computer

Threat actors are hacking Microsoft Exchange servers using ProxyShell and ProxyLogon exploits to distribute malware and bypass detection using stolen ...

#19. Hackers Exploiting ProxyLogon and ... - The Hacker News

ProxyLogon and ProxyShell refer to a collection of flaws in Microsoft Exchange Servers that could enable a threat actor to elevate privileges ...

#20. Exchange Server Proxylogon漏洞可能早在2017年就被駭

Cybereason研究發現，中國駭客組織Group 3390（APT27），在過去幾年攻擊行動所開採的Exchange漏洞，就是今年初引發嘩然的ProxyLogon漏洞

#21. GhostEmperor: From ProxyLogon to kernel mode | Securelist

This was only two days after the patch for the ProxyLogon vulnerability was released by Microsoft, and it is possible that the attackers ...

#22. 中國駭客GhostEmperor利用ProxyLogon漏洞，在受害電腦植入 ...

針對中國駭客運用ProxyLogon漏洞發動攻擊的現象，卡巴斯基揭露名 ... 自Exchange Server重大漏洞「ProxyLogon」被揭露之後，陸續傳出有駭客組織利用這個系列漏洞，入侵 ...

#23. Understanding ProxyLogon Vulnerabilities and How to Secure Them

A research team from DEVCORE found the first ProxyLogon vulnerability in December 2020 after launching an investigation into Microsoft Exchange ...

#24. ProxyShell vs. ProxyLogon: What's the Difference? - Huntress

ProxyLogon is basically ProxyShell's mother. ProxyLogon is the vulnerability that HAFNIUM unleashed in March 2021, which gave threat actors ...

#25. Plugins associated with the HAFNIUM and Proxylogon attack

These RCE vulnerabilities (HAFNIUM) may allow attackers to breach vulnerable systems and further exploit assets (Proxylogon) to gain ...

#26. Hackers Use ProxyLogon and ProxyShell Bugs in Phishing Blitz

A team at Trend Micro spotted the campaign, which exploits the ProxyLogon and ProxyShell vulnerabilities patched by Microsoft in March and ...

#27. Exchange SSRF漏洞從proxylogon到proxyshell(一)

前幾天Exchange又爆出一個新洞，類似於之前的ProxyLogon。本片文章更多注重於基礎。 一. 除錯環境. C#語言類似與Java，同樣可以很輕鬆的反編譯。

#28. Hunting Down MS Exchange Attacks. Part 1. ProxyLogon ...

ProxyLogon is the name of CVE-2021-26855 (SSRF) vulnerability that allows an external attacker to bypass the MS Exchange authentication mechanism and ...

#29. ProxyLogon | 匯流新聞網

最早揭露微軟Exchange Server漏洞台灣團隊成功協助守護全球資安！ · 2021-03-10 · 王佐銘 · DEVCORE Exchange Server ProxyLogon ...

#30. FamousSparrow Cyberspies Exploit ProxyLogon in Attacks on ...

A cyberespionage group active since at least 2019 started exploiting ProxyLogon one day after the Microsoft Exchange vulnerability was ...

#31. ProxyLogon (CVE-2021-26855): 2021's Top Contender for…

The attack on Microsoft Exchange servers encompasses several unique vulnerabilities in an attack chain. The impact is critical for multiple reasons.

#32. 'A whole new attack surface' – Researcher Orange Tsai ...

'A whole new attack surface' – Researcher Orange Tsai documents ProxyLogon exploits against Microsoft Exchange Server.

#33. Ten Steps to Defend Your Microsoft Exchange Servers from ...

Advanced Persistent Threat (APT) group, HAFNIUM, leveraged a chain of four zero-day vulnerabilities, together dubbed ProxyLogon. Since then, at least 10 ...

#34. 使用ProxyShell 和ProxyLogon 劫持邮件链 - Seebug Paper

Squirrelwaffle的常规操作是发送恶意垃圾邮件回复现有电子邮件链，今天我们要调查它利用Microsoft Exchange Server 漏洞（ProxyLogon 和ProxyShell） ...

#35. 間諜組織FamousSparrow利用ProxyLogon漏洞入侵受害組織

間諜組織FamousSparrow利用ProxyLogon漏洞入侵受害組織，植入後門程式. iThome 2021/09/29 06:09(2天前). 許多企業使用的郵件系統Exchange Server，今年3月初驚傳，多 ...

#36. 微軟：修補完Exchange Server 漏洞還不能掉以輕心

三月初微軟公佈安全公告，警告駭客組織Hafnium正在開採本地部署Exchange Server上的四個合稱為ProxyLogon的零時差漏洞，同時針對Exchange Server 2013、 ...

#37. It's not yet over for Proxylogon - ConnectWise

Commonly referred to as Proxylogon (CVE-2021-26855), the vulnerability allows unauthenticated remote code execution (RCE) on on-premises Exchange servers.

#38. ProxyLogon — The latest pre-authenticated Remote Code ...

ProxyLogon — The latest pre-authenticated Remote Code Execution vulnerability on Microsoft Exchange Server ... Thank you stranger. Shows the award ...

#39. ProxyLogon(CVE-2021-26855+CVE-2021-27065) Exchange ...

p0wershe11/ProxyLogon, ProxyLogon For Python3 ProxyLogon(CVE-2021-26855+CVE-2021-27065) Exchange Server RCE(SSRF->GetWebShell) usage: python ...

#40. ProxyLogon Vulnerability: Civil Society Watch Out!

Hafnium? ProxyLogon? Black Kingdom? DearCry? If you're working in a civil society organization, you don't want to come across these names.

#41. Microsoft Exchange ProxyLogon: the path beyond the patches

Four recently-discovered vulnerabilities in Microsoft Exchange Servers - known collectively as ProxyLogon - grant attackers high privilege ...

#42. ProxyLogon | Alexander V. Leonov

Best Server-Side Bug: Orange Tsai, for his Microsoft Exchange Server ProxyLogon attack surface discoveries. Most Epic Fail: Microsoft, for their ...

#43. ProxyLogon - Sophos News

How PetitPotam hijacks the Windows API, and what you can do about it · A new ransomware enters the fray: Epsilon Red · New Lemon Duck variants exploiting ...

#44. MS Exchange ProxyLogon Vulnerability CVE-2021-26855

In this episode of the Juniper Threat Labs podcast, Mounir Hahad shares his take on the MS Exchange ProxyLogon vulnerability CVE-2021-26855.

#45. Exchange “ProxyLogon”系列漏洞分析 - 技术圈

Exchange “ProxyLogon”系列漏洞分析 · STATEMENT · 声明 · 雷神众测拥有对此文章的修改和解释权。 · No.1 简介 · 近期，微软Exchange邮件服务器的⾼危安全漏洞 ...

#46. HAFNIUM targeting Exchange Servers with 0-day exploits

Microsoft has detected multiple 0-day exploits being used to attack on-premises versions of Microsoft Exchange Server in limited and targeted ...

#47. ProxyLogon fixes for unsupported Microsoft Exchange ...

Microsoft released ProxyLogon security updates for Microsoft Exchange servers running vulnerable unsupported Cumulative Update versions.

#48. Report: 92 Percent of Microsoft Exchange Servers Are Now ...

ProxyLogon has been a serious issue for Microsoft's Exchange Server customers. The attack has affected tens of thousands of servers, covering ...

#49. ProxyLogon漏洞被用于门罗币挖矿 - 嘶吼

在微软发布影响Exchange服务器的ProxyLogon漏洞细节后，出现了大量利用该漏洞来攻击Exchange 服务器的漏洞利用，包括webshell和勒索软件。

#50. 以毒攻毒？FBI ProxyLogon清除行动深度分析

此后，该事件得到全球黑客和网络安全从业者的广泛关注，其中ESET发现在微软发布及修补ProxyLogon漏洞之前，被嵌入恶意webshell的服务器不超过200台。但3月 ...

#51. Protection against Exchange ProxyLogon exploit. - the Fortinet ...

Protection against Exchange ProxyLogon exploit. Hi all! Is there any guidance from FortiNet or from the community how to protect agains the ...

#52. 網路資訊雜誌- 雖然#Exchange Server 的#ProxyLogon...

雖然#Exchange Server 的#ProxyLogon 漏洞的修補進度已達92%，但隨後而來的勒索軟體卻沒有停歇，甚至連#WannaCry 都重出江湖了呢！

#53. 微軟：92％的Exchange服務器現在可以免受Proxylogon攻擊

Microsoft報告說，受ProxyLogon漏洞影響的所有Exchange服務器中大約有92％已收到補丁。

#54. ProxyLogon Archives

The Record by Recorded Future gives exclusive, behind-the-scenes access to leaders, policymakers, researchers, and the shadows of the cyber underground.

#55. Microsoft releases One-Click ProxyLogon workaround for ...

Microsoft has released an easy to install one-click mitigation tool for the critical Exchange security vulnerability known as ProxyLogon as ...

#56. Mitigate the Risk of Microsoft Exchange ProxyLogon ...

The webinar will cover: - The key elements of the ProxyLogon zero-day vulnerability in Microsoft Exchange servers and its impact - How to ...

#57. Exchange Vulnerabilities Still Being Exploited and Blackhat ...

The attack surface responsible for HAFNIUM is known as ProxyLogon and two others exist, known as ProxyShell and ProxyOracle.

#58. ProxyLogon hack: Administrator's Repository for affected ...

[German]What can I do as an Exchange Server administrator in light of the ongoing waves of attacks on ProxyLogon vulnerabilities?

#59. Microsoft 发布脚本以检查ProxyLogon 漏洞 - 网络安全

近日，微软在其Microsoft Exchange支持工程师的GitHub 仓库上发布了一个名为Test-ProxyLogon.ps1 的PowerShell 脚本，用于检查Microsoft Exchange ...

#60. Microsoft Exchange ProxyLogon PoC漏洞利用公布 - 极牛网

近几周来，微软检测到多个利用0day漏洞利用来攻击微软Exchange服务器的攻击活动。其中，利用的是微软Exchange服务器中的ProxyLogon漏洞，CVE编号 ...

#61. 报告：现在已保护92％的Microsoft Exchange Server免受 ...

微软报告说，现在大约92％的Microsoft Exchange Server已更新并受到ProxyLogon漏洞的保护，该漏洞困扰了该服务以及安全研究和响应团队数周。

#62. Exchange chain CVE-2021-26855 and CVE-2021-27065 ...

https://github.com/sirpedrotavares/Proxylogon-exploit ... -https://testbnull.medium.com/ph%C3%A2n-t%C3%ADch-l%E1%BB%97-h%E1%BB%95ng-proxylogon-mail-exchange ...

#63. ProxyLogon attack on Microsoft Exchange Server - Insights

ProxyLogon — a series of zero-day vulnerabilities — has been identified in the Microsoft Exchange Server application.

#64. Proxylogon - DoublePulsar

Read writing about Proxylogon in DoublePulsar. Cybersecurity from the trenches, written by Kevin Beaumont. Opinions are of the author alone, ...

#65. Florian Roth ⚡️ on Twitter: "ProxyLogon is Just the Tip of the ...

ProxyLogon is Just the Tip of the Iceberg: A New Attack Surface on Microsoft Exchange Server! Great talk by.

#66. Microsoft IOC Detection Tool for Exchange Server Vulnerabilities

... and international exploitation of these vulnerabilities and strongly recommends organizations run the Test-ProxyLogon.ps1 script —as ...

#67. Knowledge hub | Learn more about cybersecurity - Truesec

We love to share our knowledge to help you prevent cyber breaches. Deepen your skills in cybersecurity and stay updated with real-world insight, tools, and ...

#68. Microsoft Exchange ProxyLogon Collector - Packet Storm

'Name' => 'Microsoft Exchange ProxyLogon Collector', 'Description' => %q{ This module scan for a vulnerability on Microsoft Exchange Server ...

#69. Microsoft Exchange ProxyLogon: 8 Questions for Vendors

Assess your organization's exposure to the Microsoft Exchange ProxyLogon vulnerability with these essential questions for your vendors, suppliers and other ...

#70. A new APT uses ProxyLogon bugs in attacks targeting hotels ...

ProxyLogon was first exploited by the group on March 3, before Microsoft released emergency patches to the public.

#71. Microsoft Exchange Servers See ProxyLogon Patching Frenzy

The patching level for Microsoft Exchange Servers that are vulnerable to the ProxyLogon group of security bugs has reached 92 percent, ...

#72. Microsoft Exchange Attacks - Wild Tornado on Loose - Cyware

Weeks after the disclosure of the ProxyLogon group of security bugs, exploitation attempts against unpatched Microsoft Exchange servers have ...

#73. Proxylogon, proxyshell, proxyoracle full chain exploit tool

proxylogon, proxyshell, proxyoracle full chain exploit tool. ProxyLogon: The most well-known and impactful Exchange exploit chain ...

#74. Lemon Duck Floats on Exchange ProxyLogon Vulnerability

#75. XM Cyber Attack Simulation Platform Enables Detection and ...

Learn why and how XM Cyber has quickly integrated ProxyLogon vulnerabilities into our Attack-Centric Exposure Prioritization platform.

#76. A New Attack Surface on Microsoft Exchange Server! - Black Hat

ProxyLogon : The most well-known pre-auth RCE chain. 2. ProxyOracle: A plaintext-password recovery attacking chain.

#77. MS Exchange的新攻击面，第1部分：ProxyLogon！ - NOSEC

ProxyLogon 可能是Exchange历史上最严重、影响最大的漏洞，在从架构层面研究ProxyLogon时，我们发现这绝不仅仅是一个漏洞，而是一个全新的攻击面……

#78. 'Black Kingdom' ransomware taking advantage of ProxyLogon ...

Following the reporting of the Microsoft Exchange vulnerabilities and the out-of-band release of security patches on March 2, ...

#79. Number of Exchange Servers Vulnerable to ProxyLogon ...

The number of Exchange servers vulnerable to the ProxyLogon flaws is continuing to drop, but there are still more than 60000 online.

#80. 微軟警告殭屍網絡LemonDuck！利用舊漏洞攻擊Windows 及 ...

... 等ProxyLogon 及其他舊漏洞，攻擊Windows / Linu x伺服器及IoT 裝置。 ... 月微軟發現Exchange Server Proxylogon 漏洞後，卡巴斯基也發現有黑客 ...

#81. Microsoft releases a one-click ProxyLogon mitigation tool

Race against time – that's the best description of the ProxyLogon situation. First Microsoft has released emergency patches for vulnerable ...

#82. MS Exchange Servers Are Quickly Being Patched, But ...

With the advent of the ProxyLogon vulnerabilities for Microsoft Exchange servers, attackers are now taking advantage of the situation and ...

#83. Microsoft Exchange Server Attack Timeline

This vulnerability was given the name ProxyLogon by DevCore and is now known publicly as CVE-2021-26855. Following this initial discovery, on ...

#84. Hackers Exploiting ProxyLogon and ProxyShell Flaws in ...

Threat actors are exploiting ProxyLogon and ProxyShell exploits in unpatched Microsoft Exchange Servers as part of an ongoing spam campaign ...

#85. Cryptominer Exploiting ProxyLogon - Threat Activity IBM X ...

The ProxyLogon vulnerability affecting Microsoft Exchange has been exploited for a wide variety of purposes. A report by Sophos details the ...

#86. hakivvi/proxylogon - githubmemory

my exploit for the proxylogon chain (Microsoft Exchange Server - CVE-2021-26855)

#87. an in-depth look at the Microsoft Exchange ProxyLogon zero ...

At least tens of thousands of Microsoft customers may have been hacked by threat actors exploiting the ProxyLogon vulnerabilities, including ...

#88. HAFNIUM, ProxyLogon, and DearCry - SD Solutions, LLC

HAFNIUM used ProxyLogon to attack thousands of Exchange Servers. Each attack against an Exchange Server took three steps: the exploitation ...

#89. 复现微软Exchange Proxylogon漏洞 - SecIN社区

ProxyLogon 是CVE-2021-26855的名称，CVE-2021-26855是Microsoft Exchange Server上的一个漏洞，允许攻击者绕过身份验证并冒充用户。

#90. 复现Microsoft Exchange Proxylogon漏洞利用链 - 先知社区

ProxyLogon 是CVE-2021-26855的名称,它是一个存在于Microsoft Exchange Server的漏洞，可以使攻击者绕过身份验证并模拟用户。在观察到的攻击中，威胁 ...

#91. Reproducing the Microsoft Exchange Proxylogon Exploit Chain

ProxyLogon is the name given to CVE-2021-26855, a vulnerability on Microsoft Exchange Server that allows an attacker to bypass ...

#92. Microsoft Exchange ProxyLogon PoC漏洞利用公布 - iFuun

近幾周來，微軟檢測到多個利用0 day漏洞利用來攻擊微軟Exchange 伺服器的攻擊活動。其中，利用的是微軟Exchange伺服器中的ProxyLogon漏洞，CVE編號為CVE-2021...

#93. Lemon Duck Floats on Exchange ProxyLogon Vulnerability

Hear how the Lemon Duck cryptomining botnet targets Exchange servers vulnerable to ProxyLogon.

#94. 'Black Kingdom' ransomware taking ... - Express Computer

“It's been three weeks since the release of security patches for the ProxyLogon vulnerabilities, and adversaries are racing against time to ...

#95. Microsoft launches 'one-click' tool to solve Exchange server ...

The company has already released patches to mitigate the four vulnerabilities collectively known as ProxyLogon, and has been urging ...

#96. FamousSparrow APT 依賴SparrowDoor 和ProxyLogon 漏洞

他們的第一個活動是在2021 年3 月發現的，當時他們正在利用Microsoft Exchange 服務器中的ProxyLogon 漏洞。在此期間，近十幾名高級持續性威脅(APT) ...

#97. Webinar - ProxyLogon | Redscan

ProxyLogon is a series of zero-day vulnerabilities in Microsoft Exchange Server. · How threat actors are chaining the vulnerabilities to ...