US government agencies are under attack in widespread Microsoft hack
Tens of thousands of servers hosting the software, which is used for sharing and managing documents, could potentially be at risk as a result of the 'zero day' cyberattack, according to The Washington Post.
By obtaining access to internal servers, the hackers may have been able to steal sensitive data from connected Outlook and Teams accounts, including passwords, as well as cryptographic keys to allow them back in. Cloud-based services are not thought to have been compromised.
Microsoft has already issued one patch to address the vulnerability but, at the time of writing, two more versions of SharePoint were still awaiting custom patches of their own.
The two U.S. agencies affected could not be named by researchers because of confidentiality agreements, according to the Post, but the FBI has said it is aware of the matter and is investigating.
'We are working closely with our federal government and private sector partners,' the bureau said.
It is not yet clear who is behind the attack, although the Post reports that a state legislature in the eastern United States was targeted, as were institutions in China. A local government agency in Spain and a university in Brazil were also hit.
An official with the aforementioned eastern state said the attackers had 'hijacked' a repository of documents made available to residents to help them understand the workings of government, leaving the agency currently unable to access the material in question, which may or may not have been deleted by the raiders.
'We will need to make these documents available again in a different repository,' they pledged.
According to Marci McCarthy, spokesperson for the Department of Homeland Security 's Cybersecurity and Infrastructure Security Agency (CISA), the hack came after Microsoft fixed a security flaw in SharePoint earlier this month, which inadvertently alerted the hackers that they might be able to exploit a similar vulnerability.
McCarthy said CISA was alerted to the hack by a cyber research firm on Friday and immediately flagged it to Microsoft.
She denied that her agency was 'asleep at the wheel' without a permanent director in charge, as nominee Sean Plankey continues to serve in an acting capacity only as he awaits confirmation by the Senate.
Microsoft is a major tech vendor to governments around the world but is not immune to targeting by cybercriminals.
The corporation announced on Friday that it would stop employing China-based engineers to work on Defense Department cloud computing contracts after Defense Secretary Pete Hegseth ordered a review of its infrastructure amid global espionage concerns.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Geeky Gadgets
20 minutes ago
- Geeky Gadgets
iOS 26 Public Beta 1 & AppleCare One: Get Ready for What's Next
Apple is expected to unveil three significant updates that promise to enhance how you interact with its ecosystem. With the release of the highly anticipated iOS 26 Public Beta expected soon, the introduction of Apple Care ONE, and the launch of a custom wallpaper, these updates reflect Apple's ongoing commitment to personalization, functionality, and user satisfaction. Here's a closer look at how these updates can impact your Apple experience. Watch this video on YouTube. iOS 26 Public Beta: A Glimpse into the Future The iOS 26 Public Beta has captured the attention of Apple enthusiasts worldwide. Although its official release is expected this week, as of today, July 24, it remains unavailable. This beta version is designed to offer a preview of Apple's latest advancements, focusing on improved performance, enhanced functionality, and new features that aim to refine your interaction with Apple devices. While Apple has not released a comprehensive list of features, its track record suggests updates that prioritize user experience. You can anticipate more intuitive app interfaces, expanded customization options, and tools designed to simplify daily tasks. For those who enjoy exploring innovative technology, the iOS 26 Public Beta provides an opportunity to experience Apple's innovations firsthand before the official rollout. Apple Care ONE: Comprehensive Device Protection Apple Care ONE introduces a streamlined approach to device protection, offering coverage for up to three Apple devices under a single plan for $19.99 per month. For users with more than three devices, additional coverage is available at $5.99 per device per month. This plan is designed to provide comprehensive support for your Apple products, making sure peace of mind and convenience. The subscription includes unlimited repairs, 24/7 customer support, and battery replacement services. Whether you're dealing with accidental damage or routine maintenance, Apple Care ONE ensures you have access to reliable assistance whenever you need it. For users with multiple Apple devices, this service simplifies the process of managing device protection, offering a cost-effective and efficient solution. Custom Wallpaper Platform: Express Your Style To celebrate the opening of a new Apple Store in Saudi Arabia, Apple has introduced a custom wallpaper platform. This online tool allows you to design and download personalized wallpapers for your Apple devices, offering a unique way to make your devices truly your own. The platform provides a variety of customization options, including the ability to modify the Apple logo and select background colors that match your preferences. Whether you prefer sleek, minimalist designs or bold, vibrant aesthetics, this feature enables you to express your individuality. By launching this platform, Apple emphasizes its dedication to personalization, allowing users to create a visual identity that reflects their style. What These Updates Mean for You These updates highlight Apple's focus on innovation, usability, and personalization, aiming to enhance your overall experience within its ecosystem. The iOS 26 Public Beta offers early access to the latest advancements in Apple's mobile operating system, allowing you to explore new features and improvements. Apple Care ONE simplifies device protection, making sure your products are safeguarded with minimal effort. Meanwhile, the custom wallpaper platform celebrates creativity, giving you the tools to personalize your devices in a way that resonates with your unique preferences. Together, these updates demonstrate Apple's commitment to delivering a seamless and engaging user experience. Whether you're exploring new software, protecting your devices, or customizing their appearance, these developments reinforce Apple's position as a leader in technology and design, making sure that your interaction with its products remains both functional and enjoyable. Check out more relevant guides from our extensive collection on iOS 26 Public Beta that you might find useful. Source & Image Credit: iDeviceHelp Filed Under: Apple, Apple iPhone, Top News Latest Geeky Gadgets Deals Disclosure: Some of our articles include affiliate links. If you buy something through one of these links, Geeky Gadgets may earn an affiliate commission. Learn about our Disclosure Policy.
Reuters
an hour ago
- Reuters
Microsoft says some SharePoint server hackers now using ransomware
WASHINGTON, July 23 (Reuters) - A cyber-espionage campaign centered on vulnerable versions of Microsoft's (MSFT.O), opens new tab server software now involves the deployment of ransomware, Microsoft said in a late Wednesday blog post, opens new tab. In the post, citing "expanded analysis and threat intelligence," Microsoft said a group it dubs "Storm-2603" is using the vulnerability to seed the ransomware, which typically works by paralyzing victims' networks until a digital currency payment is made. The disclosure marks a potential escalation in the campaign, which has already hit at least 400 victims, according to Netherlands-based cybersecurity firm Eye Security. Unlike typical state-backed hacker campaigns, which are aimed at stealing data, ransomware can cause widespread disruption depending on where it lands. The figure of 400 victims represents a sharp rise from the 100 organizations cataloged over the weekend. Eye Security says the figure is likely an undercount. "There are many more, because not all attack vectors have left artifacts that we could scan for," said Vaisha Bernard, the chief hacker for Eye Security, which was among the first organizations to flag the breaches. The details of most of the victim organizations have not yet been fully disclosed, but on Wednesday a representative for the National Institutes of Health confirmed that one of the organization's servers had been compromised. "Additional servers were isolated as a precaution," he said. The news of the compromise was first reported by the Washington Post. Other outlets said the hacking campaign had breached an even broader range of U.S. agencies. NextGov, citing multiple people familiar with the matter, reported the Department of Homeland Security had been hit, opens new tab, along with more than five to 12 other agencies. Politico, which cited two U.S. officials, said multiple agencies were believed to have been breached, opens new tab. DHS' cyberdefense arm, CISA, did not immediately return a message seeking comment on the reports. Microsoft did not immediately return a message seeking further details on the ransomware angle of the hacking or the reported government victims. The spy campaign began after Microsoft failed to fully patch a security hole in its SharePoint server software, kicking off a scramble to fix the vulnerability when it was discovered. Microsoft and its tech rival, Google-owner Alphabet (GOOGL.O), opens new tab, have both said Chinese hackers are among those taking advantage of the flaw. Beijing has denied the claim.
BreakingNews.ie
2 hours ago
- BreakingNews.ie
Tesla profit plunges in latest quarter as Musk's turn to politics repels buyers
The fallout from Elon Musk's plunge into politics a year ago is still hammering his Tesla business as both sales and profits dropped sharply again in the latest quarter. The car company that has faced boycotts for months said on Wednesday that revenue dropped 12% and profits slumped 16% in the three months through June as buyers continued to stay away. Advertisement 'The perception of Elon Musk, its chief executive, has rubbed the sheen right out of what once was a darling and soaring automotive brand,' wrote Forrester analyst Dipanjan Chatterjee in an email. Tesla is 'a toxic brand that is inseparable from its leader'. Quarterly profits at the electric vehicle, battery and robotics company fell to 1.17 billion dollars (£865.8 million), or 33 cents a share, from 1.4 billion (£1.03 billion), or 40 cents a share. That was the third quarter in a row that profit dropped. On an adjusted basis, the company said it earned 40 cents a share, matching Wall Street estimates. Advertisement Revenue fell from 25.5 billion (£18.8 billion) to 22.5 billion (£16.6 billion) in the April through June period, slightly above Wall Street's forecast. Tesla shares fell 3% in after-hours trading. Mr Musk spent the company's earnings conference call talking less about car sales and more about robotaxis, automated driving software and robotics, which he says is the future of the company. But those businesses are yet to take off, and the gap between promise and profit was apparent in the second quarter. 'It appears management's focus will now shift to robotaxis and away from deliveries growth,' said Morningstar analyst Seth Goldstein, referring to car sales. Advertisement A big challenge is that potential buyers, not just in the US but in Europe, are still baulking at buying Teslas. Mr Musk alienated many in the market for cars in Great Britain, France, Germany and elsewhere by embracing far-right candidates for office on the continent. And rival electric vehicle makers such as China's BYD and Germany's Volkswagen have pounced on the weakness, stealing market share. Tesla began a rollout of its paid pickup robotaxi service in Austin, Texas, and hopes to introduce the driverless cabs in several other cities soon. Mr Musk has said he expects to have hundreds of thousands of the cabs on US roads by the end of next year. In the post-earnings call, Mr Musk said the service will be available to probably 'half of the population of the US by the end of the year — that's at least our goal, subject to regulatory approvals'. Advertisement He added: 'We are being very cautious. We don't want to take any chances.' The test run in Austin has mostly gone off without a hitch, though there have been a few alarming incidents, such as when a robotaxi went down a lane meant for opposing traffic. Elon Musk with US President Donald Trump (Evan Vucci/AP) With autonomous taxis, though, the billionaire who upended the space race and electric vehicle manufacturing faces tough competition. The dominant provider now, Waymo, is already in several cities and recently logged its ten-millionth paid trip. Meanwhile, other threats loom. The new federal budget just passed by Congress eliminates a credit worth as much as 7,500 dollars (£5,522) for buying an electric car. Advertisement It also wipes out penalties for car makers for exceeding carbon emission standards. That threatens Tesla's business of selling its 'carbon credits' to traditional car companies that regularly fall short of emission standards. Tesla generated 439 million (£328 million) from credit sales, down sharply from 890 million (658 million) a year ago. 'We're in this weird transition period where we'll lose a lot of incentives in the US,' Mr Musk said, predicting several rough months possibly through June of next year. He added, though: 'Once you get to autonomy at scale in the second half of next year, certainly by the end of next year, I would be surprised if Tesla's economics are not very compelling.' The company is now planning to introduce a cheaper model to the market in the last three months of the year. Tesla had previously said that it was going to happen by June this year. Mr Musk also said he expected regulatory approval to introduce its so-called Full Self-Driving software in some parts of Europe by the end of the year. He had previously expected that to happen by March of this year. The feature, which is available in the US, is a misnomer because it is only a driver assistance feature. India's first Tesla showroom to be inaugurated in Mumbai (AP/Rafiq Maqbool) In the robot business, Mr Musk said he expects explosive growth as Tesla ramps up production of its humanoid Optimus helpers to 100,000 a month in five years. 'We'll go from a world where robots are rare to where they're so common that you don't even look up,' he said. Asked about whether he would want more than his current 13% stake in Tesla to keep control, Mr Musk said he did want more but not too much. 'I think my control over Tesla should be enough to ensure that it goes in a good direction,' he said, 'but not so much control that I can't be thrown out if I go crazy'. Gross margins for the quarter, a measure of earnings for each dollar of revenue, fell to 17.2% from 18% a year earlier. A highlight from the quarter was from something far removed from cars and robots: the company's investment in bitcoin. That bet generated a 284 million (£210 million) paper gain, compared with a loss in the previous quarter.
