Exchange Servers Targeted with 0-Day Exploits

A recent article from Microsoft, released on March 2nd, highlights how a hacker group from China has been trying to seize control of Microsoft Exchange Servers worldwide, at least 30,000 in the US alone so far.

It is notable that Microsoft’s article reports they have “detected multiple 0-day exploits being used to attack on-premises versions of Microsoft Exchange Server in limited and targeted attacks. In the attacks observed, the threat actor used these vulnerabilities to access on-premises Exchange servers which enabled access to email accounts and allowed the installation of additional malware to facilitate long-term access to victim environments. Microsoft Threat Intelligence Center (MSTIC) attributes this campaign with high confidence to HAFNIUM, a group assessed to be state-sponsored and operating out of China, based on observed victimology, tactics and procedures.”

Other recent updates from the tech giant, on 03/04 and 03/05, address "Scan Exchange log files for indicators of compromise" and "Microsoft Exchange Server Vulnerabilities Mitigations", respectively.

 

Who is HAFNIUM?

Hafnium is a lustrous, silvery-gray metal. It was named after the Latin word for Copenhagen: Hafnia. The connection between the metal or its name and the hacker group is to be determined.

What is known is that these bad guys primarily target entities in the United States across several industry sectors, including infectious disease researchers, law firms, higher education institutions, defense contractors, and NGOs, as Microsoft's investigation reports. The hacker group operates primarily from leased virtual private servers (VPS) in the US.

 

Sequentur clients are not affected by this situation as we keep providing reliable, robust, and secure Managed IT Services in Florida, the East Coast, and nationwide. Contact us today to know more.

 

Additional Resources

Microsoft Article – worth checking for technical details, attack details, patch levels of Exchange Server, and other Tech info.

Microsoft Exchange Server Vulnerabilities Mitigations – March 2021

 
