Microsoft Exchange server exploitation: How to detect, mitigate, and stay calm

The following are great summaries and threads to follow to get up to speed:

- HAFNIUM targeting Exchange Servers with 0-day exploits (Microsoft). Includes attack details, specific CVE info, mitigation recommendations, and a list of indicators of compromise (IoCs).
- CISA Alert: Mitigate Microsoft Exchange Server Vulnerabilities.
- Mass exploitation of on-prem Exchange servers (thread on r/msp). Rapid response thread from Huntress geared specifically towards MSPs, including threat intel and findings from examining their own partner base. Huntress is actively updating as new information becomes available. Huntress also hosted a webinar on March 4 at 1pm ET and provided a summary of their research and observations so far.
- Operation Exchange Marauder: Active Exploitation of Multiple Zero-Day Microsoft Exchange Vulnerabilities. One of the first to identify (January 6!) and report on this activity. This post provides more details on how the vulnerabilities are actually being exploited as well as a short list of observed post-exploitation tactics, techniques, and procedures (TTPs).
- Detection and Response to Exploitation of Microsoft Exchange Zero-Day Vulnerabilities. Also confirms observing abuse in January and contains another nice technical breakdown of the attacks. It also provides additional IoCs. Contains additional tips for investigating potential compromises (see below).