Hunting down MS Exchange attacks. Part 1. ProxyLogon (CVE-2021-26855, 26858, 27065, 26857)

Hunting down MS Exchange attacks. Part 1. ProxyLogon (CVE-2021-26855, 26858, 27065, 26857)

Microsoft Exchange is one of the most common mail servers used by hundreds of thousands of companies around the world. Its popularity and accessibility from the Internet make it an attractive target for attackers
Anton Medvedev
Principal SOC Analyst
Demyan Sokolin
Principal SOC Analyst
Vadim Khrykov
Head of Threat Detection & Response