OWASSRF: New Exploit Method for Exchange Bypassing ProxyNotShell Mitigations
A recent publication demonstrated that several Play ransomware intrusions seem to have been caused by the Microsoft Exchange ProxyNotShell vulnerabilities CVE-2022-41040 and CVE-2022-41082. In each instance, the relevant logs and ruled there was no evidence of the exploitation of CVE-2022-41040 for initial access. Instead, it appears that the PoC was made directly through Outlook Web