doublepulsar.com
52.1.147.205  Public Scan

Submitted URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
Effective URL: https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9?gi=281c166d9e9a
Submission: On May 23 via api from US — Scanned from DE

Form analysis 0 forms found in the DOM

Text Content

PROXYNOTSHELL — THE STORY OF THE CLAIMED ZERO DAYS IN MICROSOFT EXCHANGE

Kevin Beaumont

Published in DoublePulsar · 10 min read · Sep 29, 2022
Yesterday, cybersecurity vendor GTSC Cyber Security dropped a blog saying they
had detected exploitation of a new Microsoft Exchange zero day:

Warning: New attack campaign utilized a new 0-day RCE vulnerability on Microsoft
Exchange Server | Blog | GTSC — Providing comprehensive security services
(gteltsc.vn)

If a zero day in Exchange was real, history has shown things go south quickly…
so let us dig into it.
