web shell – PossibleThreat Articles

This blog aims to provide further guidance on detecting malicious IIS modules and other capabilities that you can use during your own incident response investigations.

The post IIS modules: The evolution of web shells and how to detect them appeared first on Microsoft Security Blog.

MalwareBytes Security

[updated]Two new Exchange Server zero-days in the wild

October 4, 2022 0 Comments cve-2022-41040, cve-2022-41082, exchange, Exploits and vulnerabilities, news, proxyshell, rce, remote powershell, ssrf, web shell

Categories: Exploits and vulnerabilities

Categories: News

Tags: Exchange

Tags: ProxyShell

Tags: remote PowerShell

Tags: web shell

Tags: CVE-2022-41040

Tags: CVE-2022-41082

Tags: SSRF

Tags: RCE

Two ProxyShell-like vulnerabilities are being used to exploit Microsoft Exchange Servers

MalwareBytes Security

Two new Exchange Server zero-days in the wild

September 30, 2022 0 Comments cve-2022-41040, cve-2022-41082, exchange, Exploits and vulnerabilities, news, proxyshell, rce, remote powershell, ssrf, web shell

Categories: Exploits and vulnerabilities

Categories: News

Tags: Exchange

Tags: ProxyShell

Tags: remote PowerShell

Tags: web shell

Tags: CVE-2022-41040

Tags: CVE-2022-41082

Tags: SSRF

Tags: RCE

Two ProxyShell-like vulnerabilities are being used to exploit Microsoft Exchange Servers

(Read more…)

The post Two new Exchange Server zero-days in the wild appeared first on Malwarebytes Labs.

MalwareBytes Security

[updated] Thousands of Zimbra mail servers backdoored in large scale attack

August 17, 2022 0 Comments authentication, cve-2022-27925, cve-2022-37042, Exploits and vulnerabilities, news, rce, web shell, zimbra, zvs

Categories: Exploits and vulnerabilities

Categories: News

Tags: Zimbra

Tags: ZVS

Tags: cve-2022-27925

Tags: web shell

Tags: cve-2022-37042

Tags: authentication

Tags: RCE

Researchers found that a known RCE vulnerability in Zimbra Collaboration was chained with a new authentication vulnerability to drop backdoor web shells on thousands of servers

MalwareBytes Security

Thousands of Zimbra mail servers backdoored in large scale attack

August 12, 2022 0 Comments authentication, cve-2022-27925, cve-2022-37042, Exploits and vulnerabilities, news, rce, web shell, zimbra, zvs

Categories: Exploits and vulnerabilities

Categories: News

Tags: Zimbra

Tags: ZVS

Tags: cve-2022-27925

Tags: web shell

Tags: cve-2022-37042

Tags: authentication

Tags: RCE

Researchers found that a known RCE vulnerability in Zimbra Collaboration was chained with a new authentication vulnerability to drop backdoor web shells on thousands of servers

MalwareBytes Security

[updated]Unpatched Atlassian Confluence vulnerability is actively exploited

June 3, 2022 0 Comments atlassian, behinder, China Chopper, cobalt strike, confluence, cve-2022-26134, Exploits and vulnerabilities, meterpreter, web shell

Credit to Author: Pieter Arntz| Date: Fri, 03 Jun 2022 14:41:58 +0000

A vulnerability in Atlassian Confluence was found by performing an incident response investigation on a compromised server. The vulnerability is not yet patched.

The post [updated]Unpatched Atlassian Confluence vulnerability is actively exploited appeared first on Malwarebytes Labs.

MalwareBytes Security

Unpatched Atlassian Confluence vulnerability is actively exploited

June 3, 2022 0 Comments atlassian, behinder, China Chopper, cobalt strike, confluence, cve-2022-26134, Exploits and vulnerabilities, meterpreter, web shell

Credit to Author: Pieter Arntz| Date: Fri, 03 Jun 2022 14:41:58 +0000

A vulnerability in Atlassian Confluence was found by performing an incident response investigation on a compromised server. The vulnerability is not yet patched.

The post Unpatched Atlassian Confluence vulnerability is actively exploited appeared first on Malwarebytes Labs.

← Previous