Malpedia Library

Click here to download all references as Bib-File.•

2021-03-14 ⋅ DAILY BEAST ⋅ Matthew Brazil
How China’s Devastating Microsoft Hack Puts Us All at Risk
HAFNIUM

2021-03-12 ⋅ splunk ⋅ Amy Heng, Dave Herrald, Derek King, James Brodsky, John Stoner, Jose Hernandez, Marcus LaFerrera, Michael Haag, Mick Baccio, Ryan Kovar, Shannon Davis
Detecting Microsoft Exchange Vulnerabilities - 0 + 8 Days Later…

2021-03-11 ⋅ Check Point ⋅ Adi Ikan, Lotem Finkelsteen, Sagi Tzadik, Yaniv Balmas
Exploits on Organizations Worldwide Tripled after Microsoft’s Revelation of Four Zero-days

2021-03-11 ⋅ DEVO ⋅ Fran Gomez
Detection and Investigation Using Devo: HAFNIUM 0-day Exploits on Microsoft Exchange Service
CHINACHOPPER MimiKatz

2021-03-11 ⋅ Bleeping Computer ⋅ Lawrence Abrams
Ransomware now attacks Microsoft Exchange servers with ProxyLogon exploits

2021-03-11 ⋅ Palo Alto Networks Unit 42 ⋅ Unit 42
Microsoft Exchange Server Attack Timeline
CHINACHOPPER

2021-03-10 ⋅ PICUS Security ⋅ Süleyman Özarslan
Tactics, Techniques, and Procedures (TTPs) Used by HAFNIUM to Target Microsoft Exchange Servers
CHINACHOPPER

2021-03-10 ⋅ FBI ⋅ CISA, FBI
Compromise of Microsoft Exchange Server

2021-03-10 ⋅ Microsoft ⋅ Pete Bryan
Monitoring the Software Supply Chain with Azure Sentinel

2021-03-10 ⋅ Bleeping Computer ⋅ Lawrence Abrams
Norway parliament data stolen in Microsoft Exchange attack

2021-03-10 ⋅ Lemon's InfoSec Ramblings ⋅ Josh Lemon
Microsoft Exchange & the HAFNIUM Threat Actor
CHINACHOPPER

2021-03-09 ⋅ YouTube (John Hammond) ⋅ John Hammond
HAFNIUM - Post-Exploitation Analysis from Microsoft Exchange
CHINACHOPPER

2021-03-09 ⋅ Malwarebytes ⋅ Pieter Arntz
Microsoft Exchange attacks cause panic as criminals go shell collecting

2021-03-09 ⋅ PRAETORIAN ⋅ Anthony Weems, Dallas Kaman, Michael Weber
Reproducing the Microsoft Exchange Proxylogon Exploit Chain
CHINACHOPPER

2021-03-09 ⋅ Red Canary ⋅ Brian Donohue, Katie Nickels, Tony Lambert
Microsoft Exchange server exploitation: how to detect, mitigate, and stay calm
CHINACHOPPER

2021-03-09 ⋅ Palo Alto Networks Unit 42 ⋅ Unit 42
Remediation Steps for the Microsoft Exchange Server Vulnerabilities
CHINACHOPPER

2021-03-09 ⋅ Cisco Talos ⋅ Cisco Talos
Hafnium Update: Continued Microsoft Exchange Server Exploitation

2021-03-09 ⋅ Attivo NETWORKS ⋅ Anil Gupta, Gorang Joshi, Saravanan Mohan
Hafnium – Active Exploitation of Microsoft Exchange and Lateral Movement

2021-03-09 ⋅ Microsoft ⋅ MSRC Team
Microsoft Exchange Server Vulnerabilities Mitigations – updated March 9, 2021
HAFNIUM

2021-03-08 ⋅ Symantec ⋅ Threat Hunter Team
How Symantec Stops Microsoft Exchange Server Attacks
CHINACHOPPER MimiKatz