Azure Sentinel #HAFNIUM #DearCry and Exchange attacks

Tanki Online Crystal Generator

In this livestream Maarten Goet, MVP & RD, and Azure Sentinel specialist Jeroen Niesen will talk about the recent Exchange 0-day #HAFNIUM vulnerability and the #DearCry ransomware attack taking advantage of this pre-auth RCE. They will show you how Microsoft Defender and Azure Sentinel can help you, and they will show some great live demo’s!


• PoC

• Metasploit
• Metasploit module for
• March 2021 Exchange Server Security
• Updates for older CU’
• Exchange On-premises Mitigation Tool (EOMT):
• Microsoft blog on
• IoC’s in JSON
• Import the IoC’s into Azure Sentinel TI using Jeroen’s powershell
• Microsoft’s guidance on investigating
• FireEye write-up on ChinaChopper
• Easy deployment of AD + Exchange environment for
• Exchange ProxyLogon (CVE-2021-26855 SSRF)
• Azure Sentinel

Like And Subscribe

Editing with Filmora 9
Record with Window 10

Tanki Online Crystal Generator