GitHub’s new policies allow removal of PoC exploits used in attacks

Source:-https://www.bleepingcomputer.com/ GitHub announced on Friday their updated community guidelines that explain how the company will deal with exploits and malware samples hosted on their service. To give some background behind the new policy changes, security researcher Nguyen Jang uploaded a proof-of-concept exploit (PoC) to GitHub in March for the Microsoft Exchange Proxy Logon vulnerability. Soon after uploading the exploit, Jang received an email from Microsoft-owned GitHub stating that PoC exploit was removed as it violated the Acceptable Use Policies. In

Critics fume after Github removes exploit code for Exchange vulnerabilities

Source:-https://arstechnica.com/ Github has ignited a firestorm after the Microsoft-owned code-sharing repository removed a proof-of-concept exploit for critical vulnerabilities in Microsoft Exchange that have led to as many as 100,000 server infections in recent weeks. ProxyLogon is the name that researchers have given both to the four Exchange vulnerabilities under attack in the wild and the code that exploits them. Researchers say that Hafnium, a state-sponsored hacking group based in China, started exploiting ProxyLogon in January, and within a few weeks,