Hafnium Update: Continued Microsoft Exchange Server Exploitation

It’s been a week since Microsoft first disclosed several zero-day vulnerabilities in Exchange Server — and the scope has only grown since then. In its disclosure, Microsoft stated that a new threat actor known as Hafnium was exploiting these vulnerabilities to steal emails.
Since Microsoft’s initial disclosure, Cisco Talos has seen shifts in the tactics, techniques, and procedures (TTPs) associated with this activity. The majority of the activity continues to follow the guidance that was…



[[ This is only the beginning! Please visit the blog for the complete entry ]]

Article Link: http://feedproxy.google.com/~r/feedburner/Talos/~3/2n4NuHdS8Lk/hafnium-update.html