Hafnium

Best of 2021 - Chinese Exchange Hack: At Best, Microsoft is Incompetent

Best of 2021 – Chinese Exchange Hack: At Best, Microsoft is Incompetent

| | Exchange Server, Hafnium, Microsoft, SB Blogwatch
This week brought news of Chinese hackers attacking Microsoft Exchange. But why did Microsoft wait eight weeks to tell anyone? ...
Security Boulevard
Microsoft’s Failure to Prioritize Security Puts Everyone at Risk

Microsoft’s Failure to Prioritize Security Puts Everyone at Risk

| | Anti-Ransomware, antivirus, Cybereason Anti-Ransomware Solution, EDR, Endpoint Controls, endpoint detection and response, Endpoint Protection Platform, enterprise security, EPP, Exploits, Extended Detection and Response, Hafnium, Microsoft, microsoft defender, Microsoft Exchange, Microsoft Hypertext Markup Language, Network Security, Next Generation Antivirus, ngav, ProxyLogon, ProxyShell, SolarWinds Attacks, Unified Endpoint Security, Vulnerabilities, vulnerability
It has been a very busy year when it comes to Microsoft zero-day attacks. According to KrebsOnSecurity, May is the only month in 2021 that Microsoft didn’t release a patch to defend ...
Blog
1,460-Day Old Known Vulnerability Catches Microsoft Off Guard

1,460-Day Old Known Vulnerability Catches Microsoft Off Guard

| | AI, Artificial Intelligence, Azurescape, Cybereason Defense Platform, Cybereason XDR Platform, EDR, Endpoint Controls, endpoint detection and response, Endpoint Protection Platform, Exploits, Hafnium, Lior Blog, machine learning, Microsoft, Microsoft Exchange, Microsoft Hypertext Markup Language, MSHTML, Next Generation Antivirus, ngav, PrintNightmare, SolarWinds Attacks, Unified Endpoint Security, Vulnerabilities, vulnerability, XDR, zero-day
Vulnerabilities are a fact of life. I started my career in cybersecurity finding and exploiting those vulnerabilities to conduct nation-state offensive operations. I understand the simple reality that there is no such ...
Blog
Azurescape Vulnerability: More Evidence that  Microsoft Should Leave Security to the Experts

Azurescape Vulnerability: More Evidence that  Microsoft Should Leave Security to the Experts

| | Azurescape, cloud computing, Cybersecurity, EDR, Endpoint Controls, endpoint detection and response, Endpoint Protection Platform, EPP, Extended Detection and Response, Hafnium, Microsoft, Microsoft Exchange, Privilege Escalation, security, Software Security, SolarWinds Attacks, Unified Endpoint Security
It’s been a busy couple weeks for Microsoft—and not in a good way. Following the news that a configuration error left Azure cloud customer data exposed to potential compromise, and a security ...
Blog
Microsoft Zero-Day-of-the-Month Club

Microsoft Zero-Day-of-the-Month Club

| | cyberattack, Exploits, Hafnium, Internet Explorer, Lior Blog, Microsoft, Microsoft Exchange, MSHTML, PrintNightmare, SolarWinds Attacks, Vulnerabilities, vulnerability, zero-day
When it comes to zero day attacks against Microsoft products, I often feel like Bill Murray’s character in the movie Groundhog Day. It seems like I keep waking up to the same ...
Blog
Make Cyberattacks Like Hafnium Irrelevant

Make Cyberattacks Like Hafnium Irrelevant

| | application aware protection, application aware workload protection, Cyber Security, Cyber-attack, Hafnium, runtime protection
Recent statements issued by the United States, European Union, and the United Kingdom have accused China of conducting the cyberattack against Microsoft’s Exchange Servers. China continues to deny the claims, but officials ...
Virsec Blog
Nations come together to condemn China: APT31 and APT40

Nations come together to condemn China: APT31 and APT40

| | APT31, APT40, china, Hafnium, Kryptonite Panda, Leviathan, Ministry of State Security, MSS Hackers
 On Monday (19JUL2021) President Biden announced that the US and its allies were joining together to condemn and expose that China was behind a set of unprecedented attacks exploiting vulnerabilities in Microsoft ...
CyberCrime & Doing Time
Microsoft security

White House Accuses China of Microsoft Exchange Attack

| | china, executive order, Hafnium, Microsoft Exchange
Russia may have drawn the lion’s share of scorn for a recent string of cyberattacks against U.S. and global interests, but the Biden administration and a bevy of allies and partners blame ...
Security Boulevard
CISO Roundtable: Ransomware Attacks and the True Cost to Business

CISO Roundtable: Ransomware Attacks and the True Cost to Business

| | Anti-Ransomware, CISO, CISO Stories Podcast, Conti, Cybersecurity, Cybersecurity Collaborative, Darkside, endpoint detection and response, Endpoint Protection Platform, enterprise security, Hafnium, Insights, Malware, Microsoft Exchange, Network Security, Podcast, Ransomware, rEvil, Russia, security policy, SolarWinds Attacks, Unified Endpoint Security, Webinars, WebinarsCat
A recent global research report conducted by Cybereason, titled Ransomware: The True Cost to Business, revealed that the vast majority of organizations that have suffered a ransomware attack have experienced significant impact ...
Blog
The Line in the Sand: How We Respond Today Impacts Our Security Tomorrow

The Line in the Sand: How We Respond Today Impacts Our Security Tomorrow

| | Advanced persistent threat, APT, china, Critical Infrastructure, Cybersecurity, Darkside, Espionage, executive order, Hafnium, Infosec, Microsoft Exchange, Nation-state Attack, national security, Ransomware, Russia, security, SolarWinds Attacks
In the past few months, we’ve faced massive attacks with SolarWinds and the HAFNIUM attacks targeting Microsoft Exchange, followed by the unprecedented ransomware attack by DarkSide that crippled US critical infrastructure. It ...
Blog
Load more