#ProxyNotShell in Exchange Server fingered in UK Electoral Commission hack.

TechCrunch found Electoral Commission were using on prem Exchange.

I had a look via @shodan history feature - their Exchange Server, with OWA enabled, was online until later in 2022 (when the incident began) - and didn't have ProxyNotShell patches installed, as Microsoft hadn't released them.

The mitigations MS released were bypassable, as seen in the Rackspace Hosted Exchange hack.

https://techcrunch.com/2023/08/09/parsing-uk-electoral-commission-cyberattack/