[HackerNews] New Microsoft Exchange ‘ProxyToken’ Flaw Lets Attackers Reconfigure Mailboxes

Details have emerged about a now-patched security vulnerability impacting Microsoft Exchange Server that could be weaponized by an unauthenticated attacker to modify server configurations, thus leading to the disclosure of Personally Identifiable Information (PII).
The issue, tracked as CVE-2021-33766 (CVSS score: 7.3) and coined “ProxyToken,” was discovered by Le Xuan Tuyen, a researcher at the

Source: Read More (The Hacker News)

You might be interested in …

[HackerNews] Data Wiper Malware Disguised As Ransomware Targets Israeli Entities

All posts, HackerNews

Researchers on Tuesday disclosed a new espionage campaign that resorts to destructive data-wiping attacks targeting Israeli entities at least since December 2020 that camouflage the malicious activity as ransomware extortions. Cybersecurity firm SentinelOne attributed the attacks to a nation-state actor affiliated with Iran it tracks under the moniker “Agrius.” “An analysis of what at first […]

Read More

Daily NCSC-FI news followup 2020-09-09

Netwalker ransomware hits Pakistan’s largest private power utility www.bleepingcomputer.com/news/security/netwalker-ransomware-hits-pakistans-largest-private-power-utility/ K-Electric, the sole electricity provider for Karachi, Pakistan, has suffered a Netwalker ransomware attack that led to the disruption of billing and online services. In a Tor payment page seen by BleepingComputer, the ransomware operators demand a $3, 850, 000 ransom payment. If a ransom is […]

Read More

[NCSC-NL] NCSC-NL publishes factsheet PKIoverheid is changing: Coordinate the necessary changes in your ICT processes

All posts, NCSC-NL

In the coming months, changes will take place in the PKIoverheid system, in order to resolve an issue that was discovered in July. In the meantime, the certificate issuers have started replacing PKIoverheid leaf certificates. Source: Read More (National Cyber Security Centre – News items)

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.