Researcher publishes a proof of concept on GitHub that uses vulnerabilities exploited by hackers to breach Microsoft Exchange servers; GitHub deleted the code
Lorenzo Franceschi-Bicchierai / VICE :
VICE Lorenzo Franceschi-Bicchierai
Related Coverage
- Protecting on-premises Exchange Servers against recent attacks Microsoft Security
- Exploits on Organizations Worldwide Tripled every Two Hours after Microsoft's Revelation of Four Zero-days Check Point Software
- Ransomware now attacks Microsoft Exchange servers with ProxyLogon exploits BleepingComputer
- Security News This Week: Hackers Accessed Security Cameras Inside Tesla and Beyond Wired
- Microsoft release advisory on Protecting on-premises Exchange Servers following recent attacks MSPoweruser
- A hacker who exposed Verkada's surveillance camera snafu has been raided The Verge
- Microsoft Exchange Server Attacks: 9 Lessons for Defenders Dark Reading
- Hackers are exploiting vulnerable Exchange servers to drop ransomware, Microsoft says TechCrunch
- Microsoft Hack Draws New Attention to Third-Party Risk Security Boulevard
- Ransomware Hackers Start Exploiting Microsoft Exchange Server Flaws PCMag
- No sign of Exchange-related ransomware hitting UK orgs, claims NCSC as it urges admins to scan for compromises The Register
- Microsoft Yanks Exchange Server Exploit Proof Of Concept Code From GitHub HotHardware.com News
- Microsoft Exchange Exploits Pave a Ransomware Path Threatpost
- Botnet operators, ransomware scammers the latest groups to pounce on Exchange Server bugs CyberScoop
- This Week in Security: APT Targeting Researchers, and Someone Watching All the Cameras Hackaday
- A hacking group is hijacking Microsoft Exchange web shells The Record
- DearCry ransomware targets vulnerable Exchange servers ComputerWeekly.com
- Microsoft massive email hack: Ransomware now targeting Microsoft Exchange vulnerabilities Laptop Mag
- Ransomware Operators Start Targeting Microsoft Exchange Vulnerabilities SecurityWeek
- New ransomware is being used to target unpatched Microsoft Exchange servers Windows Central
- Hackers Are Targeting Microsoft Exchange Servers With Ransomware The Hacker News
Discussion
-
@checkpointsw
Check Point
on x
Closely monitoring the revelation of four #zeroday vulnerabilities currently affecting #Microsoft Exchange Servers, @_CPResearch_ reports over 1800 exploits and attack attempts on hundreds of organizations worldwide. Get the details: https://blog.checkpoint.com/ ... #MicrosoftExc…
-
@bleepincomputer
@bleepincomputer
on x
BleepingComputer was told by a DearCry - DoejoCrypt victim that only the Microsoft Exchange server was encrypted. No other devices. By only focusing on the Exchange server, they can be launched quicker than normal human-operated ransomware attacks. https://www.bleepingcomputer.co…
-
@hackingdave
Dave Kennedy
on x
Blaming red teamers is already an inaccurate statement as it's typically security researchers who publish these. It was already actively exploited with hundreds of thousands of already compromised systems with little to no direction from Microsoft. Yet offsec is to blame? https:/…
-
@hackingdave
Dave Kennedy
on x
Wow, I am completely speechless here. Microsoft really did remove the PoC code from Github. This is huge, removing a security researchers code from GitHub against their own product and which has already been patched. This is not good. https://vice.com/...
-
@s1guza
Siguza
on x
Honest question: did such takedowns happen before MS bought GH? https://twitter.com/...
-
@erratarob
@erratarob
on x
Microsoft acquired GitHub and now censors content: https://www.vice.com/...
-
@lorenzofb
Lorenzo Franceschi-Bicchierai
on x
NEW: A researcher published proof-of-concept code to hack Microsoft Exchange servers on GitHub. GitHub has now taken it down arguing it violated its “Acceptable Use Policies.” https://www.vice.com/...
-
@campuscodi
Catalin Cimpanu
on x
I initially thought the researcher took down his code as there was another ProxyLogon PoC still on his account. That was removed too, and, according to this report, it was Microsoft who intervened to nuke the gists https://twitter.com/...