Search results
Results from the Health.Zone Content Network
A global wave of cyberattacks and data breaches began in January 2021 after four zero-day exploits were discovered in on-premises Microsoft Exchange Servers, giving attackers full access to user emails and passwords on affected servers, administrator privileges on the server, and access to connected devices on the same network.
Hafnium (group) (Redirected from HAFNIUM (group)) Hafnium (sometimes styled HAFNIUM; also called Silk Typhoon by Microsoft [1]) is a cyber espionage group, sometimes known as an advanced persistent threat, with alleged ties to the Chinese government. [2] [3] [4] Hafnium is closely connected to APT40. [5]
Exchange Web Services (EWS), an alternative to the MAPI protocol, is a documented SOAP -based protocol introduced with Exchange Server 2007. Exchange Web Services is used by the latest version of Microsoft Entourage for Mac and Microsoft Outlook for Mac - since the release of Mac OS X Snow Leopard Mac computers running OS X include some support ...
Microsoft Exchange Server. In February 2021 Microsoft determined that the attackers had downloaded a few files "(subsets of service, security, identity)" apiece from "a small subset of Azure components" "a small subset of Intune components" "a small subset of Exchange components" None of the Microsoft repositories contained production credentials.
Ivanti Pulse Connect Secure data breach. On April 20, 2021, it was reported that suspected Chinese-state backed hacker groups had breached multiple government agencies, defense companies and financial institutions in both the US and Europe after the hackers created and used a Zero-day exploit for Ivanti Pulse Connect Secure VPN devices.
The attacker exploited a vulnerability in the organization's Microsoft Exchange Control Panel, and used a novel method to bypass multi-factor authentication. Later, in June and July 2020, Volexity observed the attacker utilizing the SolarWinds Orion trojan; i.e. the attacker used Microsoft vulnerabilities (initially) and SolarWinds supply chain ...
China Chopper is a web shell approximately 4 kilobytes in size, first discovered in 2012. This web shell is commonly used by malicious Chinese actors, including advanced persistent threat (APT) groups, to remotely control web servers. This web shell has two parts, the client interface (an executable file) and the receiver host file on the ...
On November 13, 2021, Conor Brian Fitzpatrick, going by his alias "Pompompurin", compromised the FBI's external email system, sending thousands of messages warning of a cyberattack by cybersecurity CEO Vinny Troia who was falsely suggested to have been identified as part of The Dark Overlord hacking group by the United States Department of Homeland Security.