HAFNIUM targeting Exchange Servers with 0-day Exploits

What to Know? (Technical details) — click here to view post.

Cornerstone.IT Gold Microsoft Partner
Connect with us at
www.Cornerstone.IT/contact for the latest updates.

Ask us how we can help secure your environment with the top 10-12 security enhancements every firm should have.  #ITCornerView

The attackers used CVE-2021-26857 to run code of their choice under the “system” account on a targeted Exchange server. The other two zero-day flaws — CVE-2021-26858 and CVE-2021-27065 — could allow an attacker to write a file to any part of the server.

After exploiting these vulnerabilities to gain initial access, Hafnium operators deployed web shells on the compromised server, Microsoft said. Web shells are software backdoors that allow attackers to steal data and perform additional malicious actions that lead to further compromise.


HAFNIUM and Microsoft Exchange

Avoid business continuity disruption by including Windows 10 upgrade in your 2021 budget.  Cornerstone.IT is a Microsoft Gold partner with a history of successful Windows upgrades.

#ITBudgetPlanning #LegalIT #ITCornerView

Cornerstone.IT graphic