Two Microsoft Exchange Zero-Days Being Exploited In-The-Wild
Threat Intelligence

Two Microsoft Exchange Zero-Days Being Exploited In-The-Wild

Posted on September 30, 2022

By Lee Clark, Cyber Threat Intelligence Analyst & Writer

Context On September 29, 2022, security researchers at GTSC reported the technical details of two zero-day vulnerabilities they had observed being exploited by threat actors since August 2022. Microsoft confirmed the vulnerabilities and provided details of both: CVE-2022-41040 is a Server-Side Request Forgery (SSRF) vulnerability that can enable an authenticated attacker to remotely trigger the…

Read More
Member Spotlight Christy Elgee
Member Spotlight

Member Spotlight: Christy Elgee

Posted on September 30, 2022

By Natalie Paskoski, RH-ISAC Manager of Marketing & Communications

RH-ISAC: What is your background in cybersecurity? Where did you get your training and education? Christy: My background is not originally in cybersecurity. I have only been working in cybersecurity for a little over a year. My background is actually in business. After earning my MBA, I began working at Hannaford, another company in the…

Read More