Cyber Threat Report: 'HAFNIUM targeting Exchange Servers with 0-day exploits'
| Report Author | Microsoft Threat Intelligence |
|---|---|
| Publication Date | 2021-03-02 |
| Original Reporting | Source |
| Attributed to Nation | China |
| Related Intrusion Sets | Silk Typhoon , HAFNIUM |
| Identified CVEs | CVE-2021-26857 , CVE-2021-26858 , CVE-2021-26855 , CVE-2021-27065 |
| Victim Sectors | Education, Non Profit, Legal Services, Defense |
In March 2021 Microsoft detected multiple zero-day exploits being used as part of a widespread campaign by HAFNIUM / Silk Typhoon. This report outlines tactics, techniques and procedures (TTPs) used in the attacks as well as providing indicators of compromise (IoCs) for detecting activity.
Cyber Threat Graph Context
Explore how this report relates to the wider threat graph