Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-03-06Github (microsoft)Microsoft
Security scripts
HAFNIUM
2021-03-05MicrosoftLouie Mayor
Exchange Server IIS dropping web shells and other artifacts
HAFNIUM
2021-03-05Github (cert-lv)Andrew Konst
Detect webshells dropped on Microsoft Exchange servers after 0day compromises
HAFNIUM
2021-03-04CrowdStrikeThe Falcon Complete Team
Falcon Complete Stops Microsoft Exchange Server Zero-Day Exploits
CHINACHOPPER HAFNIUM
2021-03-04FireEyeAndrew Thompson, Chris DiGiamo, Matt Bromiley, Robert Wallace
Detection and Response to Exploitation of Microsoft Exchange Zero-Day Vulnerabilities
CHINACHOPPER HAFNIUM
2021-03-04MicrosoftAndrea Lelli, Ramin Nafisi
GoldMax, GoldFinder, and Sibot: Analyzing NOBELIUM’s layered persistence
GoldMax
2021-03-04MicrosoftAndrea Lelli, Microsoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC), Ramin Nafisi
GoldMax, GoldFinder, and Sibot: Analyzing NOBELIUM’s layered persistence
SUNBURST TEARDROP UNC2452
2021-03-03GTSCGTSC
'Mild' update on Microsoft Exchange 0day security vulnerability being used to attack organizations in Vietnam
ToddyCat
2021-03-03CISAUS-CERT
Mitigate Microsoft Exchange On-Premises Product Vulnerabilities
2021-03-03CISACISA
Alert (AA21-062A): Mitigate Microsoft Exchange Server Vulnerabilities
HAFNIUM
2021-03-02MicrosoftTom Burt
New nation-state cyberattacks (HAFNIUM)
2021-03-02MicrosoftMSRC Team
Multiple Security Updates Released for Exchange Server – updated March 8, 2021
HAFNIUM
2021-03-02Rapid7 LabsAndrew Christian
Rapid7’s InsightIDR Enables Detection And Response to Microsoft Exchange Zero-Day
CHINACHOPPER HAFNIUM
2021-03-02VolexityJosh Grunzweig, Matthew Meltzer, Sean Koessel, Steven Adair, Thomas Lancaster
Operation Exchange Marauder: Active Exploitation of Multiple Zero-Day Microsoft Exchange Vulnerabilities
CHINACHOPPER HAFNIUM
2021-03-02MicrosoftMicrosoft 365 Defender Threat Intelligence Team, Microsoft 365 Security, Microsoft Threat Intelligence Center (MSTIC)
HAFNIUM targeting Exchange Servers with 0-day exploits
CHINACHOPPER HAFNIUM
2021-03-02Github (microsoft)Microsoft
Microsoft-365-Defender-Hunting-Queries for hunting Gootkit malware delivery and C2
GootKit
2021-03-02Twitter (@MsftSecIntel)Microsoft Security Intelligence
Tweet on Gootkit malware campaign
GootKit
2021-03-02MicrosoftMicrosoft Threat Intelligence Center (MSTIC)
HAFNIUM targeting Exchange Servers with 0-day exploits
PowerCat
2021-03-01MicrosoftMicrosoft
Detect and defend against the recent nation-state cyber attack
SUNBURST
2021-02-25MicrosoftMicrosoft
CodeQL queries to hunt for Solorigate activity
SUNBURST