- May 4, 2019
- 801
A new ransomware group has weaponized two recently disclosed vulnerabilities in order to improve their chances at breaching, taking over, and encrypting corporate networks.
Named LockFile, this new ransomware gang has been seen exploiting a vulnerability known as ProxyShell to gain access to Microsoft Exchange email servers, from where it pivots to companies' internal networks, according to reports from security firm TG Soft and security researcher Kevin Beaumont.
New LockFile ransomware gang weaponizes ProxyShell and PetitPotam attacks
A new ransomware group named LockFile has weaponized two recently disclosed vulnerabilities (PetitPotam and ProxyShell) in order to improve their chances at breaching, taking over, and encrypting corporate networks.
therecord.media