Hit enter to search

ProxyShell - Another MS Exchange Flaw Gaining Traction Among Attackers.

Aug 11, 2021

The Client Access Service (CAS), which runs on IIS on port 443, can be used to exploit the newly revealed vulnerabilities in Microsoft Exchange servers. The Autodiscover service and the Exchange PowerShell backend were among the components of Exchange Servers targeted by the attack chain.

The attackers have continued to tweak and finetune their attack exploit. In addition, the attacker was seen using an autodiscovery tool to check for vulnerable exchange servers with a fresh request.