🐾 - 🚨 Exploitation possible - multiples RCE dans Microsoft Exchange 📫 - HAFNIUM Group 🇨🇳

SID: 3309610Rev: 10 views
Sourcepawpatrules
CreatedMarch 3, 2021
UpdatedMarch 3, 2021
Classificationtrojan-activity
alert tcp any any -> $HOME_NET any (msg:"🐾 - 🚨 Exploitation possible - multiples RCE dans Microsoft Exchange 📫 - HAFNIUM Group 🇨🇳"; content:"POST"; content:"/owa/auth/Current/themes/resources/SegoeUI-SemiBold.eot"; reference:url,https://www.volexity.com/blog/2021/03/02/active-exploitation-of-microsoft-exchange-zero-day-vulnerabilities/; reference:url,https://www.microsoft.com/security/blog/2021/03/02/hafnium-targeting-exchange-servers/; metadata:created_at 2021_03_03, updated_at 2021_03_03; sid:3309610; rev:1; classtype:trojan-activity;)

References

urlhttps://www.volexity.com/blog/2021/03/02/active-exploitation-of-microsoft-exchange-zero-day-vulnerabilities/
urlhttps://www.microsoft.com/security/blog/2021/03/02/hafnium-targeting-exchange-servers/

Metadata

created at2021_03_03
updated at2021_03_03

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!