HAFNIUM Archives - ThreatsHub Cybersecurity News

Tarrask malware uses scheduled tasks for defense evasion

April 12, 2022 TH Author Cybersecurity, HAFNIUM, Microsoft Detection and Response Team (DART), Microsoft security intelligence, Tarrask

Microsoft Detection and Response Team (DART) researchers have uncovered malware that creates “hidden” scheduled tasks as a defense evasion technique. In this post, we will demonstrate how threat actors create scheduled tasks, how they cover their tracks, and how the malware’s evasion techniques are used to maintain and ensure persistence on systems.
The post Tarrask malware uses scheduled tasks for defense evasion appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

HAFNIUM targeting Exchange Servers with 0-day exploits

March 2, 2021 TH Author Cybersecurity, Exchange Server, HAFNIUM, Microsoft security intelligence, Microsoft Threat Intelligence Center (MSTIC), MSRC, Security Intelligence, threat intelligence, Threat protection

Microsoft has detected multiple 0-day exploits being used to attack on-premises versions of Microsoft Exchange Server in limited and targeted attacks. In the attacks observed, threat actors used this vulnerability to access on-premises Exchange servers, which enabled access to email accounts, and install additional malware to facilitate long-term access to victim environments. Microsoft Threat Intelligence Center (MSTIC) attributes this campaign with high confidence to HAFNIUM.
The post HAFNIUM targeting Exchange Servers with 0-day exploits appeared first on Microsoft Security. READ MORE HERE…