Conti affiliates use ProxyShell Exchange exploit in ransomware attacks


An investigation into recent attacks by a Conti affiliate reveals that that the attackers initially accessed targeted organizations’ networks with ProxyShell, an exploit of vulnerabilities in Microsoft Exchange that have been the subject of multiple critical updates over the past several months. The attacker otherwise closely followed the game plan laid out in a recently leaked set of documentation attributed to Conti’s operators.

ProxyShell represents an evolution of the ProxyLogon attack meth…

Read More