Multiple Exchange Server Zero-Days Under Attack by Chinese Hacking Group

Download the PDF here, or view the full article here.

Microsoft late Tuesday raised the alarm after discovering Chinese cyber-espionage operators chaining multiple zero-day exploits to siphon e-mail data from corporate Microsoft Exchange servers.

Microsoft pinned the blame on a sophisticated Chinese APT operator called HAFNIUM that operates from leased VPS (virtual private servers) in the United States.

HAFNIUM primarily targets entities in the U.S. across a number of industry sectors, including infectious disease researchers, law firms, higher education institutions, defense contractors, policy think tanks, and NGOs.