Exchange Servers Targeted with 0-Day Exploits

March 11, 2021 by Hector Morales

A recent article coming directly from Microsoft, released on March 2nd, highlights how a hacker group from China has been trying to seize control over Microsoft Exchange Servers worldwide, at least 30,000 in the US alone, so far.

It is notable that Microsoft’s article reports they have “detected multiple 0-day exploits being used to attack on-premises versions of Microsoft Exchange Server in limited and targeted attacks. In the attacks observed, the threat actor used these vulnerabilities to access on-premises Exchange servers which enabled access to email accounts and allowed installation of additional malware to facilitate long-term access to victim environments. Microsoft Threat Intelligence Center (MSTIC) attributes this campaign with high confidence to HAFNIUM, a group assessed to be state-sponsored and operating out of China, based on observed victimology, tactics and procedures.”

Other recent updates from the tech giant, on 03/04 and 03/05, cover "Scan Exchange log files for indicators of compromise" and "Microsoft Exchange Server Vulnerabilities Mitigations", respectively.

 

Who is HAFNIUM?

Hafnium is a lustrous, silvery-gray metal. It was named after the Latin word for Copenhagen: Hafnia. The connection between the metal or its name and the hacker group is to be determined.

What is known is that these bad guys primarily target entities in the United States across several industry sectors, including infectious disease researchers, law firms, higher education institutions, defense contractors, and NGOs, as Microsoft's investigation reports. The hacker group operates primarily from leased virtual private servers (VPS) in the US.

 

Sequentur clients are not affected by this situation as we keep providing reliable, robust, and secure Managed IT Services in Florida, the East Coast, and nationwide. Contact us today to know more.

 

Additional Resources

Microsoft Article – worth checking for technical details, attack details, patch levels of Exchange Server, and other Tech info.

Microsoft Exchange Server Vulnerabilities Mitigations – March 2021

 


One comment

  • jacobegan

    April 8, 2021 at 10:07 pm

    Thanks for sharing your info. I truly appreciate
    your efforts and I am waiting for your next post thank you once again.

      Copyright © Sequentur LLC. 2007-2021. All rights reserved.