Skip to Content

Active exploitation of the OWASSRF vulnerability to deloy Play ransomware

Updated on 2022-12-29

Play ransomware

Fortinet researchers have a technical breakdown of the new Play ransomware operation. Read more: Ransomware Roundup – Play Ransomware

Updated on 2022-12-23

Palo Alto Networks Unit 42 researchers observed the active exploitation of the OWASSRF vulnerability. So far, eight organizations have seen the exploitation activity against Microsoft Exchange servers. Read more: Threat Brief: OWASSRF Vulnerability Exploitation

Updated on 2022-12-20

The Play ransomware gang claimed responsibility for attacks on Germany-based H-Hotels by listing the company on its Tor site. The data stolen includes client documents, passports, IDs, and more. Read more: Cyberangriff auf H-Hotels.com

Overview

Crowdstrike said they identified OWASSRF, a new method of exploiting the ProxyNotShell vulnerabilities. The company said it saw the technique being used in the wild to deploy the Play ransomware. Read more: OWASSRF: CrowdStrike Identifies New Exploit Method for Exchange Bypassing ProxyNotShell Mitigations

    Ads Blocker Image Powered by Code Help Pro

    Ads Blocker Detected!!!

    This site depends on revenue from ad impressions to survive. If you find this site valuable, please consider disabling your ad blocker.