The ProxyShell, Log4J, and Zerologon bugs were among the most commonly exploited ones in 2021, according to a new advisory from the NSA and other agencies.
Ransomware actors have increasingly shifted their tactics to exploit flaws as part of their initial infection vector.
Cybercriminals are using the known ProxyLogon and ProxyShell vulnerabilities to hijack email threads in malware attacks.
Attackers are stepping up their scanning for Exchange servers vulnerable to the ProxyShell vulnerabilities and installing webshells, ransomware, and other malware.