Fake Microsoft Exchange ProxyNotShell exploits for sale on GitHub

From bleepingcomputer.com

Microsoft Exchange logo over red lines

Scammers are impersonating security researchers to sell fake proof-of-concept ProxyNotShell exploits for newly discovered Microsoft Exchange zero-day vulnerabilities.

Last week, Vietnamese cybersecurity firm GTSC disclosed that some of their customers had been attacked using two new zero-day vulnerabilities in Microsoft Exchange.

Working with Trend Micro’s Zero Day Initiative, the researchers disclosed the vulnerabilities privately to Microsoft, who confirmed that the bugs were being exploited in attacks and that they were working on an accelerated timeline to release security updates.

“Microsoft observed these attacks in fewer than 10 organizations globally. MSTIC assesses with medium confidence that the single activity group is likely to be a state-sponsored organization,” Microsoft shared in an analysis of the attacks.

Read more…