While the fallout of the SolarWinds/SUNBURST attack continues to unfold, China also has entered the threat landscape. Though the APT group HAFNIUM is believed to have been exploiting flaws in on-premise Microsoft Exchange servers since January 6th, 2021, Microsoft publicly acknowledged the vulnerabilities on March 2nd and released several security updates to address the vulnerabilities, recommending that administrators install the patches immediately. The supposed motive of this APT group attack aligns to the typical strategy of Chinese cyber attacks: intellectual property theft.
*** This is a Security Bloggers Network syndicated blog from IronNet Blog authored by Anthony Grenga. Read the original post at: https://www.ironnet.com/blog/the-ironnet-april-threat-intelligence-brief