Threats and IoCs


HAFNIUM: Exchange Zero Days Actively Exploited by APT Group

Summary: On 3/2/21, security researchers at Volexity released a blog with their findings following their discovery of four new Microsoft Exchange Server 0-day vulnerabilities. Volexity first detected exploitation in one of their customers back in January 2021. The discovered vulnerabilities are as follows: CVE-2021-26855 A Server-Side Request Forgery (SSRF) vulnerability allows for authentication bypass when sending arbitrary HTTP requests. Successful exploitation is dependent on how Exchange is configured, either in a single server configuration......

Read More