Metacurity

Share this post

CISA Issues Urgent Warning About ProxyShell Vulnerabilities

metacurity.substack.com

CISA Issues Urgent Warning About ProxyShell Vulnerabilities

State Department reportedly hit by cyberattack, Zero-day in Razer’s Synapse software could give threat actor SYSTEM privileges, T-Mobile ups again the number of people affected by data breach, more

Cynthia Brumfield
Aug 23, 2021
∙ Paid
Share

Security researcher Kevin Beaumont has been monitoring the exploitation of ProxyShell, a set of vulnerabilities revealed by Orange Tsai at BlackHat, and discovered that the vulnerabilities are worse than ProxyLogon, the Exchange vulnerabilities revealed in March, and organizations have largely not patched for them.

On Saturday, the Cybersecurity and Infrastructure Security Agency issued an urgent notice that an attacker exploiting these vulnerabilities could execute arbitrary code on a vulnerable machine. CISA strongly urges organizations to identify vulnerable systems on their networks and immediately apply Microsoft's Security Update from May 2021. (Kevin Beaumont / Double Pulsar and US-CERT Current Activity)

Related: The Record by Recorded Future, Bleeping Computer, Security Affairs, The Hacker News, Forbes, Infosecurity Magazine

Keep reading with a 7-day free trial

Subscribe to Metacurity to keep reading this post and get 7 days of free access to the full post archives.

Already a paid subscriber? Sign in
Previous
Next
© 2023 DCT Associates
Privacy ∙ Terms ∙ Collection notice
Start WritingGet the app
Substack is the home for great writing