While migrating Exchange mailbox from one database to a different, the Exchange Administrator doesn't get to sync the info to every folder, but Exchange
Microsoft has delivered on its promise of releasing a solution, both automated and manual, for the Y2K22 Exchange Server bug that was causing mail and messages to get stuck in transport queues.
On 2021-02-28, we noticed that the vulnerabilities were used by other threat actors, starting with Tick and quickly joined by LuckyMouse, Calypso and the Winnti Group. This suggests that multiple threat actors gained access to the details of the vulnerabilities before the release of the patch, which means we can discard the possibility that they built an exploit by reverse engineering Microsoft updates.
Finally, the day after the release of the patch, we started to see many more threat actors (including Tonto Team and Mikroceen) scanning and compromising Exchange servers en masse. Interestingly, all of them are APT groups interested in espionage, except for one outlier (DLTMiner), which is linked to a known cryptomining campaign. A summary of the timeline is shown in Figure 1.
HAFNIUM targeting Exchange Servers with 0-day exploits microsoft.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from microsoft.com Daily Mail and Mail on Sunday newspapers.