Palo Alto Networks

microsoft exchange server

Busted by XDR: Detecting Microsoft Exchange Post-Exploit Activity in February

On March 2, Microsoft released security updates to mitigate four critical zero-day Microsoft Exchange Server vulnerabilities that were actively exploited by a threat group they call HAFNIUM. Since the initial attacks, Unit 42 and a number of other threat intelligence teams have observed multiple threat actors exploiting these zero-day vulnerabilities in the wild.

Shortly after the public disclosure, we published a Threat Assessment and a threat hunting blog post...

Apr 01, 2021

Subscribe to Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.