Microsoft alerts businesses, governments to server software attack
The FBI said on Sunday it is aware of the attacks and is working closely with its federal and private-sector partners, but offered no other details.
In an alert issued on Saturday, Microsoft said the vulnerabilities apply only to SharePoint servers used within organizations. It said that SharePoint Online in Microsoft 365, which is in the cloud, was not hit by the attacks.
'We've been coordinating closely with CISA, DOD Cyber Defense Command and key cybersecurity partners globally throughout our response,' a Microsoft spokesperson said, adding that the company had issued security updates and urged customers to install them immediately.
The Washington Post, which first reported the hacks, said unidentified actors in the past few days had exploited a flaw to launch an attack that targeted US and international agencies and businesses.
The hack is known as a 'zero day' attack because it targeted a previously unknown vulnerability, the newspaper said, quoting experts. Tens of thousands of servers were at risk.
In the alert, Microsoft said that a vulnerability 'allows an authorized attacker to perform spoofing over a network.' It issued recommendations to stop the attackers from exploiting it.
In a spoofing attack, an actor can manipulate financial markets or agencies by hiding the actor's identity and appearing to be a trusted person, organization or website.
Earlier, Microsoft said it is working on updates to 2016 and 2019 versions of SharePoint. If customers cannot enable recommended malware protection, they should disconnect their servers from the internet until a security update is available, it added.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Al Arabiya
6 minutes ago
- Al Arabiya
The Tea app was intended to help women date safely. Then it got hacked
Tea, a provocative dating app designed to let women anonymously ask or warn each other about men they'd encountered, rocketed to the top spot on the US Apple App Store this week. On Friday, the company behind the app confirmed it had been hacked: Thousands of images, including selfies, were leaked online. 'We have engaged third-party cybersecurity experts and are working around the clock to secure our systems,' San Francisco-based Tea Dating Advice Inc. said in a statement. The app and the breach highlight the fraught nature of seeking romance in the age of social media. Here's what to know: Tea was meant to help women date safely. Tea founder Sean Cook, a software engineer who previously worked at Salesforce and Shutterfly, says on the app's website that he founded the company in 2022 after witnessing his own mother's terrifying experiences. Cook said they included unknowingly dating men with criminal records and being catfished – deceived by men using false identities. Tea markets itself as a safe way for women to anonymously vet men they might meet on dating apps such as Tinder or Bumble – ensuring that the men are who they say they are, not criminals, and not already married or in a relationship. It's been compared to the Yelp of dating. In an Apple Store review, one woman wrote that she used a Tea search to investigate a man she'd begun talking to and discovered over 20 red flags, including serious allegations like assault and recording women without their consent. She said she cut off communication. 'I can't imagine how things could've gone had I not known,' she wrote. A surge in social media attention over the past week pushed Tea to the No. 1 spot at the US Apple Store as of July 24, according to Sensor Tower, a research firm. In the seven days from July 17-23, Tea downloads shot up 525 percent compared to the week before. Tea said in an Instagram post that it had reached 4 million users. Tea has been criticized for invading men's privacy. A female columnist for The Times of London newspaper who signed into the app on Thursday called Tea a 'man-shaming' site and complained that 'this is simply vigilante justice entirely reliant on the scruples of anonymous women.' 'With Tea on the scene, what man would ever dare date a woman again?' It's unclear what legal recourse an aggrieved man might have if he feels he's been defamed or had his privacy violated on Tea or a similar social media platform. In May, a federal judge in Illinois threw out an invasion-of-privacy lawsuit by a man who'd been criticized by women in the Facebook chat group 'Are We Dating the Same Guy,' Bloomberg Law reported. The breach exposed thousands of selfies and photo IDs. In its statement, Tea reported that about 72,000 images were leaked online, including 13,000 images of selfies or photo identification that users submitted during account verification. Another 59,000 images that were publicly viewable in the app from posts, comments, and direct messages were also accessed, according to the company's statement. No email addresses or phone numbers were exposed, the company said, and the breach only affects users who signed up before February 2024. 'At this time, there is no evidence to suggest that additional user data was affected. Protecting Tea users' privacy and data is our highest priority,' Tea said. It said users did not need to change their passwords or delete their accounts. 'All data has been secured.'
Al Arabiya
2 hours ago
- Al Arabiya
Company involved in Coldplay KissCam drama hires Gwyneth Paltrow as spokesperson
Astronomer – the company whose CEO resigned after being caught on a KissCam at a Coldplay rock concert embracing a woman who was not his wife – is trying to move on from the drama with someone who knows the band pretty well. Actress Gwyneth Paltrow, who was married to Coldplay's frontman Chris Martin for 13 years, announced Friday on X that she has been hired by Astronomer as a spokesperson. Astronomer, a tech company based in New York, found itself in an uncomfortable spotlight when two of its executives were caught on camera in an intimate embrace at a Coldplay concert – a moment that was then flashed on a giant screen in the stadium. CEO Andy Byron and human resource executive Kristin Cabot were caught by surprise when Martin asked the cameras to scan the crowd during a concert earlier this month. 'Either they're having an affair or they're just very shy,' Martin joked when the couple appeared on screen and quickly tried to hide their faces. In a short video, the 'Shakespeare in Love' and 'Ironman' star said she had been hired as a very temporary spokesperson for Astronomer. 'Astronomer has gotten a lot of questions over the last few days and they wanted me to answer the most common ones,' Paltrow said, smiling and deftly avoiding mention of the KissCam fuss. 'We've been thrilled that so many people have a newfound interest in data workflow automation,' she said. 'We will now be returning to what we do best – delivering game-changing results for our customers.' When footage from the KissCam first spread online, it wasn't immediately clear who the couple were. Soon after, the company identified the pair and Byron resigned, followed by Cabot. The video clip resulted in a steady stream of memes, parody videos, and screenshots of the pair's shocked faces filling social media feeds. Online streams of Coldplay's songs jumped 20 percent in the days after the video went viral, according to Luminate, an industry data and analytics company.
Arab News
14 hours ago
- Arab News
Pakistan deputy PM says hopeful of finalizing US trade deal ‘in days'
ISLAMABAD: Pakistan deputy prime minister and foreign minister, Ishaq Dar, said on Friday that his country was hopeful of finalizing a trade deal with the United States 'in days.' Pakistan and the United States (US) have been engaged in talks after Washington announced a 29 percent 'reciprocal tariff' on Pakistani exports in April. Islamabad said the move, paused in June for a 90-day period, may undercut its fragile, export-led recovery. The US is Pakistan's top export destination, with shipments totaling $5.44 billion in fiscal year 2023-2024, according to official data. From July 2024 to February 2025, exports rose 10 percent from a year earlier. Speaking at the Atlantic Council think tank in Washington, the Pakistani deputy premier said both sides have recently held discussions relating to textiles, digital trade and agriculture. 'Pakistan seeks better market access in the US. On our part, we are working toward granting greater market access to the US products in the large Pakistani markets,' he said. 'We hope to conclude a mutually beneficial trade agreement at the earliest, hopefully in days not in weeks.' Under US President Donald Trump, Washington has attempted to renegotiate trade agreements with many countries that he threatened with tariffs over what he calls unfair trade relations. Many economists dispute Trump's characterization. Dar also met Secretary of State Marco Rubio on Friday. 'Met with Pakistani Deputy Prime Minister and Foreign Minister @MIshaqDar50 today to discuss expanding bilateral trade and enhancing collaboration in the critical minerals sector,' Rubio said on X. 'I also thanked him for Pakistan's partnership in countering terrorism and preserving regional stability.' The Pakistani foreign ministry also said Dar 'appreciated the pivotal role' by Trump and Rubio 'in de-escalating tensions between Pakistan and India by facilitating a ceasefire.' The State Department statement did not mention India. Trump has repeatedly taken credit for the India-Pakistan ceasefire he announced on social media on May 10 after Washington held talks with both sides. India disputes Trump's claims that the ceasefire resulted from his intervention and trade threats. An April 22 militant attack in Indian-administered Kashmir killed 26 men and sparked heavy fighting between the nuclear-armed Asian neighbors in the latest escalation of a decades-old rivalry. India struck Pakistan on May 7 and the two nations exchanged hostilities, killing dozens across three days. The ceasefire was declared on May 10. New Delhi blamed the April attack on Pakistan, which denied responsibility and called for a neutral investigation. Washington condemned the attack but did not blame Islamabad.
