Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
The proof-of-concept tool, which contained exploits for two Exchange Server vulnerabilities, was quickly removed from GitHub.
1 Min Read
Exploit code for two Microsoft Exchange Server vulnerabilities under attack was published to GitHub earlier today. The Microsoft-owned platform quickly took down the proof-of-concept (PoC).
The PoC combines CVE-2021-26855 and CVE-202127065, two of the four Exchange Server zero-days that attackers are using to break into Exchange Servers and deploy Web shells to steal data from target businesses. Since the flaws were patched on March 2, attacks have rapidly increased. At least 10 advanced persistent threat groups have started to weaponize these vulnerabilities to target servers.
This marks the first fully functional exploit code to appear for the vulnerabilities, according to a new report from The Record, which notes that the PoC was published to GitHub by a Vietnamese security researcher. Other security researchers have confirmed it works, albeit with some adjustments.
GitHub removed the code hours after its publication. In a statement to Vice, a spokesperson said the PoC code was removed because the vulnerability it exploits is under active attack.
Read the full report for more details.
About the Author(s)
You May Also Like
More Insights
Webinars
The fuel in the new AI race: Data
April 23, 2024Securing Code in the Age of AI
April 24, 2024Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024
Events
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024
