The ransomware gang known as Cuba is increasingly shifting to exploiting Exchange bugs – including crooks’ favorites, ProxyShell and ProxyLogon – as initial infection vectors.
Threatpost