Microsoft server hack hit about 100 victims, researchers say
Microsoft on Saturday issued an alert about "active attacks" on self-managed SharePoint servers, which are widely used by government agencies and businesses to share documents within organisations.
Dubbed a "zero-day" because it leverages a previously undisclosed digital weakness, the hacks allow spies to penetrate vulnerable servers and potentially drop a backdoor to secure continuous access to victim organizations.
Vaisha Bernard, the chief hacker at Eye Security, a Netherlands-based cybersecurity firm, which discovered the hacking campaign targeting one of its clients on Friday, said that an internet scan carried out with the Shadowserver Foundation had uncovered nearly 100 victims altogether - and that was before the technique behind the hack was widely known.
"It's unambiguous," Bernard said. "Who knows what other adversaries have done since to place other backdoors."
He declined to identify the affected organizations, saying that the relevant national authorities had been notified.
The Shadowserver Foundation confirmed the 100 figure and said that most of those affected were in the United States and Germany and that the victims included government organizations.
Another researcher said that, so far, the spying appeared to be the work of a single hacker or set of hackers.
"It's possible that this will quickly change," said Rafe Pilling, director of Threat Intelligence at Sophos, a British cybersecurity firm.
Microsoft said it had "provided security updates and encourages customers to install them," a company spokesperson said in an emailed statement.
It was not clear who was behind the ongoing hack. The FBI said on Sunday it was aware of the attacks and was working closely with its federal and private-sector partners, but offered no other details. Britain's National Cyber Security Center said in a statement that it was aware of "a limited number" of targets in the United Kingdom.
According to data from Shodan, a search engine that helps to identify internet-linked equipment, over 8,000 servers online could theoretically have already been compromised by hackers.
Those servers include major industrial firms, banks, auditors, healthcare companies, and several U.S. state-level and international government entities.
"The SharePoint incident appears to have created a broad level of compromise across a range of servers globally," said Daniel Card of British cybersecurity consultancy, PwnDefend.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
CNA
2 hours ago
- CNA
US dollar rises, but on track for weekly drop ahead of Fed, BOJ
NEW YORK :The U.S. dollar advanced on Friday, bolstered by solid economic data that suggested the Federal Reserve could take its time in resuming interest rate cuts, while tariff negotiations showed more clarity that eased some uncertainty in the market. The U.S. currency showed little reaction to data showing new orders for key U.S.-manufactured capital goods unexpectedly fell in June while shipments of those products increased moderately. That suggested business spending on equipment slowed considerably in the second quarter. "The dollar regained some ground the past two days, after being on the defensive earlier in the week ... supported mostly by an encouraging set of U.S. economic data that argues for continued patience at the Fed," said Elias Haddad, senior markets strategist at Brown Brothers Harriman in London. The greenback was set for its biggest weekly drop in a month, ahead of more tariff dialogue and central bank meetings next week, while sterling dipped after softer-than-expected British retail sales data. Both the Fed and the Bank of Japan are expected to hold rates steady at next week's policy meetings, but traders are focusing on the subsequent comments to gauge the timing of the next moves. "We see some room for optimism at the (Fed) meeting," wrote BNP Paribas in a research note. "Economic uncertainty associated with trade policy, while not entirely resolved, has declined markedly." Politics is a factor for both central banks, most dramatically in the U.S., where President Donald Trump once again pressed for lower interest rates on Thursday as he locked horns with Fed Chair Jerome Powell. Brown Brothers' Haddad said the Fed's monetary policy is being "overshadowed by the political pressure to lower interest rates. That's one of the reasons why I think the dollar's upside is limited." The dollar managed to recover a touch against the euro late on Thursday, however, after Trump said he did not intend to fire Powell, as he has frequently suggested he could. "The market relief was based on the fact that Trump refrained from calling for Powell to go, although that was based on Trump's view that Powell would 'do the right thing'," said Derek Halpenny, head of EMEA research at MUFG. He added, however, that "the theme of Fed independence being undermined by the White House will unlikely go away and remains a downside risk for the dollar." BOJ MEETING Falls against the euro and yen leave the dollar index, which measures the dollar against six other currencies, at 97.45, on track for a drop of 0.8 per cent this week, its weakest performance in a month, though it bounced back 0.2 per cent to 97.663 on Friday. Meanwhile, in Japan, though the trade deal signed with the U.S. this week could make it easier for the BOJ to continue rate hikes, the bruising loss for Prime Minister Shigeru Ishiba's coalition in upper house elections on Sunday complicates life for the BOJ. The yen was softer, thanks in part to below-expectations Tokyo inflation data, with the dollar last up 0.4 per cent at 147.59 yen, though on course for a weekly 0.9 per cent fall, the lowest since June 23. The euro was flat at $1.1741, but set for a weekly gain of nearly 1 per cent, its best showing in a month. The common currency took some support Thursday from the European Central Bank meeting. Policymakers left the policy rate at 2 per cent, as expected, but the bank's relatively upbeat assessment of the economic outlook and signs that an EU-U.S. trade deal is near caused investors to reassess previous assumptions of one more rate cut this year. [GVD/EUR] In contrast, soft British data is supporting expectations of more Bank of England rate cuts, and causing euro zone bond yields to rise faster than British ones, supporting the euro against the pound. [GB/] The euro rose to 87.43 pence versus sterling on Friday, its highest since April, building on a 0.44 per cent gain the previous day.. It was last up 0.4 per cent at 87.42 pence. Data on Friday showed British retail sales data for June came in slightly below analysts' expectations, albeit rebounding from a sharp drop in May. Figures on Thursday showed business activity grew only weakly in July and employers cut jobs at the fastest pace in five months. Against the dollar, the pound fell 0.6 per cent to $1.3434. Currency bid prices at 25 July 07:31 p.m. GMT Descript RIC Last U.S. Pct YTD High Low ion Close Chang Pct Bid Bid Previous e Session Dollar 97.633 97.451 0.19 per cent -10.01 97.906 97. index per cent 426 Euro/Dol 1.1746 1.1748 -0.01 13.46 per cent $1.176 $1. lar per cent 1 170 4 Dollar/Y 147.56 146.915 0.45 per cent -6.22 per cent 147.89 146 en 5 .84 Euro/Yen 173.33 172.67 0.38 per cent 6.19 per cent 173.61 172 .52 Dollar/S 0.7947 0.7954 -0.08 -12.42 0.7979 0.7 wiss per cent per cent 948 Sterling 1.3436 1.3512 -0.56 7.43 per cent $1.351 $1. /Dollar per cent 341 7 Dollar/C 1.3707 1.3637 0.52 per cent -4.67 per cent 1.3725 1.3 anadian 639 Aussie/D 0.6564 0.6591 -0.39 6.1 per cent $0.659 $0. ollar per cent 9 655 2 Euro/Swi 0.9333 0.9341 -0.09 -0.64 per cent 0.9354 0.9 ss per cent 329 Euro/Ste 0.874 0.8693 0.54 per cent 5.64 per cent 0.8743 0.8 rling 691 NZ 0.6014 0.6029 -0.22 7.51 per cent $0.603 0.6 Dollar/D per cent 7 ollar Dollar/N 10.1581 10.1237 0.34 per cent -10.63 10.182 10. orway per cent 7 115 9 Euro/Nor 11.9327 11.889 0.37 per cent 1.39 per cent 11.946 11. way 886 Dollar/S 9.5126 9.528 -0.16 -13.66 9.5555 9.5 weden per cent per cent 118 Euro/Swe 11.1744 11.2135 -0.35 -2.55 per cent 11.215 11. den per cent 5 166
CNA
3 hours ago
- CNA
Spear AI raises first round of funding to apply AI to submarine data
SAN FRANCISCO :A startup founded by U.S. Navy veterans aiming to help the U.S. military use artificial intelligence to decipher data gathered by submarines has raised its first round of outside capital. Washington-based Spear AI specializes in working with what is known as passive acoustic data, which is gathered by listening devices underwater. Its long-term aim is to use AI to help submarine operators understand whether an object heard could be a rain squall, a whale, or a vessel that could be a threat, and to detect where it is and how fast it is moving. The challenge is that most existing AI tools are trained on data such as words or images that have been painstakingly labeled and organized over years or decades by companies such as Scale AI, which recently signed a $14.8-billion deal with Meta Platforms. Data from acoustic sensors is different. Spear AI co-founders Michael Hunter, a former U.S. Navy SEAL analyst, and John McGunnigle, a former nuclear submarine commander for the U.S. Navy, are building a hardware and software platform that aims to prepare that data for AI algorithms. The company sells sensors that can be attached to buoys or vessels and a software tool to help label and sort the data gathered by the sensors to make it ready to be put into AI systems. The U.S. Navy this month awarded Spear AI a $6-million contract for its data-labeling tool. Spear AI, founded in 2021, has been self-funded and has about 40 employees. Hunter, the CEO, said it raised $2.3 million from AI-focused venture firm Cortical Ventures and private equity firm Scare the Bear. The funding will be used to double the company's headcount to support its government contracts and commercial business prospects, such as monitoring underwater pipelines and cables. Hunter said Spear AI also aims to sell consulting services, a model similar to defense tech firm Palantir. "We wanted to build the product and actually get it out the door before the contract came in to get it," Hunter told Reuters. "The only way you can do that is with private capital."
CNA
4 hours ago
- CNA
US closes probe into Waymo self-driving collisions, unexpected behavior
WASHINGTON :The National Highway Traffic Safety Administration said on Friday it has closed a 14-month investigation into a series of minor collisions and unexpected behavior from Alphabet's Waymo self-driving vehicles without taking further action. The U.S. auto safety regulator in May 2024 opened an investigation after 22 reports about Waymo robotaxis exhibiting driving behavior that potentially violated traffic safety laws, or demonstrating other "unexpected behavior," including 17 collisions. NHTSA cited two recalls issued by Waymo and the agency's analysis of available data in closing the investigation, including a 2024 recall to address a collision with a utility pole. The agency also cited Waymo's May recall of more than 1,200 vehicles that updated software to improve detection and avoidance of roadway barriers, such as chains strung across the path of travel, gates, and other gate-like roadway barriers. "At Waymo we are committed to prioritizing safety and we're pleased that NHTSA has concluded their investigation and closed our case," a spokesperson said Friday. NHTSA's probe covered potential traffic safety law violations by Waymo vehicles and unexpected responses to traffic control devices and issues when entering construction zones. The agency said last year that several incidents "involved collisions with clearly visible objects that a competent driver would be expected to avoid." Waymo has over 1,500 vehicles on the road across San Francisco, Los Angeles, Phoenix and Austin, Texas, and is running more than 250,000 fully autonomous paid rides a week. It hopes to add service in New York, Miami and Washington, D.C. and launched service with Uber last month in Atlanta. Self-driving vehicle companies, including Waymo and General Motors have come under increased regulatory scrutiny following a 2023 incident where a pedestrian was seriously injured by a Cruise vehicle. GM cut Cruise's funding and folded it into its broader operations.
