Understanding the Exchange Server Attacks: Exploiting CVE-2022-41040 and CVE-2022-41082
top of page
Work Overview
LATEST PROJECTS
Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Aenean commodo ligula eget dolor. Aenean massa. Cum sociis natoque
Blog
Search
In recent months, we have seen a surge in attacks targeting Exchange Servers. These attacks have been made possible by exploiting the...
3 min
Play Ransomware Group
The Play ransomware group has been making headlines recently due to its use of a new method to exploit vulnerabilities in Microsoft...
2 min
Remote Assistance Tools - T1219
Let's talk about remote assistance tools! As you would expect, a remote assistance tool is used to assist end-users from a remote...
3 min
Microsoft Office - Arbitrary Code Execution
We have recently observed threat actors evolving their procedures in light of Microsoft disabling macros by default in office documents....
3 min
Cyber Insurance Benefits
What is Cyber Insurance? A cyber insurance policy is commonly called "cyber risk insurance" or "cyber liability insurance" coverage. It...
3 min
Forensic Friday - Profile Lists
What are Profile Lists? Windows keeps track of user-profiles and their locations in the registry. The profile location is stored under...
4 min
Business Continuity and Disaster Recovery
Business continuity and disaster recovery (BCDR or BC/DR) is a collection of processes and procedures that assist a company in recovering...
3 min
Forensic Friday - Prefetch
What is Windows Prefetch? Windows Prefetch creates files when a user opens an application on a Windows host. The Windows Operating system...
3 min
Emotet Changing Techniques
Phishing attacks remain the number one technique used in cyberattacks. Some of the most common phishing attacks leveraged attachments to...
3 min
Spring4Shell
A critical vulnerability CVE-2022-22965 (Spring4Shell or SpringShell) was found on March 29, 2022, in an open-source Java framework while...
1 min
Cyberattacks On The Rise
As we look across the landscape, we see that cyberattacks continue to succeed in all business sectors. In the cases we have observed, the...
3 min
Importance of EDR
Endpoint Detection & Response (EDR) A critical task for most organizations has become setting up advanced threat protection as...
3 min
Benefits of a vCISO
Flexibility: A virtual Chief Information Security Officer (vCISO) can be reached immediately via a simple phone call, whether the vCISO...
3 min
What is Qbot / Qakbot
QBot, also known as Qakbot or pinkslipbot, is an information stealer that has been active since 2007. It is malware software that can...
3 min
How are your Backups?
Producing and preserving copies of data to safeguard businesses against data loss is referred to as backup and recovery. The data from...
3 min
5 Reasons you should not pay ransomware attackers
Ransomware is the type of suspicious software Cybercriminals use to encrypt your data, rendering it unusable. As a result, the attackers...
3 min
What is Incident Response?
Incident response is a method for dealing with various forms of security events, cyber threats, and data breaches in an organized manner....
3 min
Attacks Target Log4j Bug in VMware
Just over a month after the details of the initial Apache Log4j vulnerability surfaced, attacks against infrastructure running vulnerable...
4 min
Proxyshell Vulnerabilities
In Microsoft Exchange, the three known vulnerabilities that threat actors use to get initial access are often referred to collectively as...
3 min
What are Access Controls
Access controls are a security technique that determines who or what may view or utilize resources in a computing environment controlled...
bottom of page