Threat Advisory: How to respond to ProxyShell, the latest exploit against Exchange

During Black Hat 2021, a well-known computer security conference, security researcher Orange Tsai showcased a new exploit dubbed “ProxyShell” to remotely attack on-premise Microsoft Exchange servers. ProxyShell is a set of three security flaws (CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207) which, when used together, could enable a threat actor to perform unauthenticated, remote code execution (RCE) on […]

Our ethical hackers explain how ethical hacking works

Ethical hacking

Article One Magazine – March 2021   Our colleagues Sander Van der Borght and Stephen Corbiaux, ethical hackers at Davinsi Labs, answer 5 questions on ethical hacking in an interview with Proximus’ One Magazine. 1. What is ethical hacking? Ethical hackers look for the security holes in websites, mobile applications, and (wireless) corporate networks,” explains […]

Threat Advisory: HAFNIUM targeting Exchange Servers with 0-day exploits

Threat Advisory

March 2, 2021 marked the day of the release of a Threat Intelligence report by Microsoft, reporting multiple (!) 0-days exploits abused in the wild, to attack on-premise versions of Microsoft Exchange Servers. The threat actor, dubbed ‘HAFNIUM‘, abuses multiple vulnerabilities to access on-premise Exchange servers, bypassing authentication mechanisms. Once access is gained to the […]

Looking forward to 2021

A new year, with new opportunities! Don’t we have to believe in this year more than ever? Many of us probably don’t mind leaving 2020 behind. Our levels of imagination and creativity were challenged to make sure it wasn’t a lost year.