Kimavi's video: What is zero day cyberattack on Microsoft Outlook Exchange Server Hafnium group and Chinese Hack

Welcome to Kimavi Super Simple Educational Videos. What is zero day cyberattack on Microsoft Outlook Exchange Server? Hafnium group and Chinese Hackers? In early Mar 2021, Microsoft has detected multiple 0-day exploits being used to attack on-premises versions of Microsoft Exchange Server in limited and targeted attacks In the attacks observed, the Chinese Hackers used vulnerabilities to access on-premises Exchange servers which enabled access to email accounts, and allowed installation of additional malware to facilitate long-term access to victim environments Chinese hackers have exploited a series of security flaws in Microsoft’s Exchange software to break into accounts and read email messages Microsoft said that Chinese group, “Hafnium,” is targeting security flaws in Exchange Server, that run software for Outlook emails Who is HAFNIUM? HAFNIUM primarily targets entities in the United States across a number of industry sectors, including infectious disease researchers, law firms, higher education institutions, defense contractors, policy think tanks, and NGOs HAFNIUM has previously compromised victims by exploiting vulnerabilities in internet-facing servers, and has used legitimate open-source frameworks, like Covenant, for command and control Once they’ve gained access to a victim network, HAFNIUM typically exfiltrates data to file sharing sites like MEGA In campaigns unrelated to these vulnerabilities, Microsoft has observed HAFNIUM interacting with victim Office 365 tenants While they are often unsuccessful in compromising customer accounts, this reconnaissance activity helps the adversary identify more details about their targets’ environments HAFNIUM operates primarily from leased virtual private servers in the United States That Attack Steps The attacks included three steps .... .... Thank you from Kimavi, Please visit us at Kimavi.Com for more Super Simple Educational videos