• Home
  • About
  • Events Calendar
  • Blueprint Guidelines
  • Privacy Policy
  • Manage Email Delivery
  • NextGenInfra.io
  • buzzwords
  • Archives
  • Milestones
  • On This Day
  • Video Search
Converge Digest
Wednesday, July 15, 2026
  • Home
  • About
  • Events Calendar
  • Blueprint Guidelines
  • Privacy Policy
  • Manage Email Delivery
  • NextGenInfra.io
  • buzzwords
  • Archives
  • Milestones
  • On This Day
  • Video Search
No Result
View All Result
Converge Digest
No Result
View All Result

Home » Microsoft Exchange hit by state-sponsored hackers from China

Microsoft Exchange hit by state-sponsored hackers from China

March 7, 2021
in All
A A

Microsoft warned enterprises using its on-premises Exchange Server platforms of multiple 0-day exploits being used in limited and targeted attacks. The exploit does not affect Microsoft 365 or Azure Cloud deployments.

Microsoft Threat Intelligence Center (MSTIC) attributes this campaign with high confidence to HAFNIUM, a group assessed to be state-sponsored and operating out of China, based on observed victimology, tactics and procedures. HAFNIUM, which primarily targets entities in the United States across a number of industry sectors,  exfiltrates data to file sharing sites like MEGA. The group is believed to use leased virtual private servers (VPS) in the United States to launch their attacks

In the attacks observed, HAFNIUM used the newly discovered vulnerabilities to access on-premises Exchange servers which enabled access to email accounts, and allowed installation of additional malware to facilitate long-term access to victim environments. 

According to media reports, the attack potentially compromised up to 30,000 organizations.

Microsoft has released out-of-band security updates to address four vulnerabilities in Exchange Server. In addition, Microsoft has released alternative mitigation techniques for Exchange Server customers who are not able to immediately apply updates that address vulnerabilities.

Separately, the U.S. Cybersecurity and Infrastructure Security Agency issued a directive requiring federal civilian departments and agencies running Microsoft Exchange on-premises products to update or disconnect the products from their networks.

In addition, the European Banking Authority confirmed that it was compromised by the attack, and that as a precautionary measure, the EBA has decided to take its email systems offline.

https://www.microsoft.com/security/blog/2021/03/02/hafnium-targeting-exchange-servers/

Tags: Blueprint columnsChinaMicrosoftSecurity
ShareTweetShareSummarizeSummarize
Previous Post

SEC charges AT&T with disclosing insider information

Next Post

Microsoft previews AI-driven Azure modules

Staff

Staff

Related Posts

All

Microsoft Accelerates Quantum-Safe Date

July 2, 2026
AI Infrastructure

Chevron Signs 20-Year Power Deal with Microsoft

June 22, 2026
Quantum

Microsoft Unveils Majorana 2 Quantum Chip

June 2, 2026
Clouds and Carriers

Alibaba Accelerates AI Infrastructure Buildout as Cloud Revenue Surges 38%

May 15, 2026
AI Infrastructure

Nebius, Microsoft, and TikTok Drive Finland’s AI Data Center Surge

April 17, 2026
AI Infrastructure

Nscale Expands Microsoft Deal with 30,000+ NVIDIA Rubin GPUs at 230 MW Norway AI Campus

April 15, 2026
Next Post

Microsoft previews AI-driven Azure modules

Please login to join discussion

Categories

  • 5G / 6G / Wi-Fi
  • AI Infrastructure
  • All
  • Automotive Networking
  • Blueprints
  • Clouds and Carriers
  • Corporate Strategies
  • CPO
  • Data Centers
  • Enterprise
  • Explainer
  • Feature
  • Hot Start-ups
  • Last Mile / Middle Mile
  • Legal / Regulatory
  • Optical
  • Optical I/O
  • Pluggable Optics
  • Quantum
  • Research
  • Security
  • Semiconductors
  • Silicon Photonics
  • Space Networking & Orbital Data Centers
  • Subsea
  • Sustainability
  • Video
  • Webinars
Converge Digest

A private dossier for networking and telecoms

Follow Us

  • Home
  • About
  • Events Calendar
  • Blueprint Guidelines
  • Privacy Policy
  • Manage Email Delivery
  • NextGenInfra.io
  • buzzwords
  • Archives
  • Milestones
  • On This Day
  • Video Search

© 2026 Converge Digest - A private dossier for networking and telecoms.

No Result
View All Result
  • Home
  • About
  • Events Calendar
  • Blueprint Guidelines
  • Privacy Policy
  • Manage Email Delivery
  • NextGenInfra.io
  • buzzwords
  • Archives
  • Milestones
  • On This Day
  • Video Search

© 2026 Converge Digest - A private dossier for networking and telecoms.

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.
Go to mobile version