The main attacks and vulnerabilities compiled by our experts last week: 21st— 25th November

Check in our weekly report the main attacks and vulnerabilities found by our teams of experts.

Here are the most relevant headlines of the week, download our full report and take note:

Exploit for ProxyNotShell vulnerabilities published

The first publications about new critical vulnerabilities in Microsoft Exchange Server, CVE-2022-41040 and CVE-2022-41082, which were named ProxyNotShell, were published at the end of September.

Atlassian fixes vulnerabilities in Crowd and Bitbucket

The Atlassian team has released a new update in its Crowd Server and Data Center identity management platforms, as well as in Bitbucket Server and Data Center. 

Cisco Secure Email Gateway Anti-Malware Protection Failure

The Cisco team confirmed today the existence of a filtering flaw in its Secure Email Gateway and IronPort Email Security Appliance Software versions 14.2.0, as reported by an anonymous researcher earlier last week after allegedly receiving no response from the company.

Activity analysis of the Quantum Locker group

The Belgian company Computerland has shared information on the Tactics, Techniques, and Procedures of the malicious actor Quantum Locker.

Related news

Stay up to date. Get the latest news and trends
Sign Up
cross