At the end of November 2022, experts from Bitdefender Labs started to notice an increase in attacks using ProxyNotShell/OWASSRF exploits chains to target on-premises Microsoft Exchange deployments. SSRF attacks on Microsoft Exchange servers are some of the most popular and routinely exploited vulnerabilities. We decided to release a technical advisory describing these attacks, but also documenting some of the recent attacks that we’ve detected in the wild.

https://businessinsights.bitdefender.com/technical-advisory-proxyhell-exploit-chains-in-the-wild

Technical Advisory: Proxy*Hell Exploit Chains in the Wild 

In November 2022, Bitdefender Labs noticed an increase in attacks using ProxyNotShell exploits targeting on-premesis Microsoft Exchange deployments.

^{Martin Zugec (Bitdefender SRL)}