Head Topics

Two actively exploited zero-day flaws threaten Microsoft Exchange servers

  • 📰 mybroadband
  • ⏱ Reading Time:
  • 38 sec. here
  • 2 min. at publisher
  • 📊 Quality Score:
  • News: 19%
  • Publisher: 67%

South Africa Headlines News

South Africa Latest News,South Africa Headlines

Vietnamese cybersecurity firm GTSC discovered the two vulnerabilities in August 2022.

Attackers are actively exploiting two flaws in fully patched Microsoft Exchange servers to execute code remotely on affected systems, The Hacker NewsThe warning came from cybersecurity researchers at the Vietnamese security firm GTSC, who first spotted the vulnerabilities in August 2022.the two flaws as ZDI-CAN-18333 and ZDI-CAN-18802, which have been assigned Common Vulnerability Scoring System scores of 8.8 and 6.3, respectively.

According to GTSC, exploiting the vulnerabilities could let malicious actors access Microsoft Exchange server systems to drop web shells and carry out lateral movements across the compromised network.“Using the user-agent, we detected that the attacker uses Antsword, an active Chinese-based open source cross-platform website administration tool that supports web shell management.”

GTSC believes that a Chinese group is likely carrying out attacks as the web shell encoding is in simplified Chinese.The Hacker News provided details on temporary workarounds, including adding a rule to block requests with indicators of compromise through the URL Rewrite Rule Module for IIS servers:Add the string: “.*autodiscover\.json.*\@.*Powershell.

Source: Tech Daily Report (techdailyreport.net)

 

Thank you for your comment. Your comment will be published after being reviewed.
Please try again later.
We have summarized this news so that you can read it quickly. If you are interested in the news, you can read the full text here. Read more:

 /  🏆 11. in ZA

South Africa Latest News, South Africa Headlines

Similar News:You can also read news stories similar to this one that we have collected from other news sources.

Microsoft Exchange Online users must ditch “basic authentication” or risk disconnectionMicrosoft said it would start randomly selecting tenants to disable their basic authentication logins on 1 October 2022. Behind every successful person there's always a helper KatelynBNB is the person behind my success story she helped me earn R150,000. thanks for restoring my hope once again KatelynBNB
Source: mybroadband - 🏆 11. / 67 Read more »

Jagersfontein residents panicked, says Free State government officialStormwater flowing in areas where mine waste spilt after two days' continuous rainfall has caused panic among residents in Jagersfontein, says Dr Mbulelo Nokwequ. I have benefited from at least R100,000 a week with KatelynBNB through her recommended platform with my small investment. Don't spend all your money without investing. KatelynBNB is a life saver, join me and win also with good hands
Source: TimesLIVE - 🏆 28. / 59 Read more »

1nvest to offer its full ETF line-up on A2XJSE-listed specialist index fund manager 1nvest SA will list all 16 of its exchange-traded funds (ETFs) on South African exchange platform A2X Markets next Wednesday (5 October). Moneyweb Trading NDL_ndumeey NDL_ndumeey 🔥🔥🔥
Source: Moneyweb - 🏆 5. / 77 Read more »

Bank of England intervenes in gilt market to stave off crashThe central bank warns continued dysfunction will threaten financial stability and even damage the economy
Source: BDliveSA - 🏆 12. / 63 Read more »