Summary: Back at the start of August 2022, members of GTSC came across an attack where Microsoft Exchange was actively being targeted. They were able to verify that the attack was leveraging a 0-day vulnerability in Exchange which ultimately led to a RCE attack. Their initial analysis and work with ZDI (Zero Day Initiative) proved that this attack was leveraging two vulnerabilities, a SSRF vulnerability in Exchange (CVE-2022-41040) and a RCE vulnerability in PowerShell......
HAFNIUM: Exchange Zero Days Actively Exploited by APT Group
Summary: On 3/2/21, security researchers at Volexity released a blog with their findings following their discovery of four new...Read More