CSOonline

Microsoft mitigation for new Exchange Server zero-day exploits can be bypassed

Attackers are currently exploiting two unpatched vulnerabilities to remotely compromise on-premises Microsoft Exchange servers. Microsoft confirmed the flaws late last week and published mitigation ...
Bleeping Computer

Microsoft's MSERT tool now finds web shells from Exchange Server attacks

Microsoft has pushed out a new update for their Microsoft Safety Scanner (MSERT) tool to detect web shells deployed in the recent Exchange Server attacks. On March 2nd, Microsoft disclosed that four ...
ZDNet

New Exchange Server zero-day vulnerabilities are being used in cyberattacks: Protect your network now

One (CVE-2022-41040) is a is a Server-Side Request Forgery (SSRF) vulnerability, an exploit that allows attackers to make server-side application requests from an unintended location – for example, ...