Microsoft server hack hit about 100 organisations, researchers say
Microsoft on Saturday issued an alert about 'active attacks' on self-hosted SharePoint servers, which are widely used by organisations to share documents and collaborate within organisations. SharePoint instances run off of Microsoft servers were unaffected.
Dubbed a 'zero-day' because it leverages a previously undisclosed digital weakness, the hacks allow spies to penetrate vulnerable servers and potentially drop a backdoor to secure continuous access to victim organisations.
Vaisha Bernard, the chief hacker at Eye Security, a Netherlands-based cybersecurity firm, which discovered the hacking campaign targeting one of its clients on Friday, said that an Internet scan carried out with the Shadowserver Foundation had uncovered nearly 100 victims altogether – and that was before the technique behind the hack was widely known.
'It's unambiguous,' Bernard said. 'Who knows what other adversaries have done since to place other backdoors.'
He declined to identify the affected organisations, saying that the relevant national authorities had been notified.
BT in your inbox
Start and end each day with the latest news stories and analyses delivered straight to your inbox.
Sign Up
Sign Up
The Shadowserver Foundation confirmed the 100 figure. It said most of those affected were in the United States and Germany, and the victims included government organisations.
Another researcher said that, so far, the spying appeared to be the work of a single hacker or set of hackers.
'It's possible that this will quickly change,' said Rafe Pilling, director of Threat Intelligence at Sophos, a British cybersecurity firm.
Microsoft said it had 'provided security updates and encourages customers to install them', a company spokesperson said in an e-mailed statement.
It was not clear who was behind the ongoing hack, but Alphabet's Google, which has visibility into wide swaths of Internet traffic, said it tied at least some of the hacks to a 'China-nexus threat actor'.
The Chinese Embassy in Washington did not immediately respond to a message seeking comment; Beijing routinely denies carrying out hacking operations.
The FBI said on Sunday it was aware of the attacks and was working closely with its federal and private-sector partners, but offered no other details. Britain's National Cyber Security Center said in a statement that it was aware of 'a limited number' of targets in the United Kingdom. A researcher tracking the campaign said that the campaign appeared initially aimed at a narrow set of government-related organisations.
The pool of potential targets remains vast. According to data from Shodan, a search engine that helps to identify internet-linked equipment, over 8,000 servers online could theoretically have already been compromised by hackers. Shadowserver put the number at a little more than 9,000, while cautioning that the figure was a minimum.
Those servers include major industrial firms, banks, auditors, healthcare companies, and several US state-level and international government entities.
'The SharePoint incident appears to have created a broad level of compromise across a range of servers globally,' said Daniel Card of British cybersecurity consultancy PwnDefend.
'Taking an assumed breach approach is wise, and it's also important to understand that just applying the patch isn't all that is required here.' REUTERS
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Straits Times
3 minutes ago
- Straits Times
Spy cockroaches and AI robots: Germany plots the future of warfare
Find out what's new on ST website and app. FILE PHOTO: German Chancellor Friedrich Merz talks to soldiers in the so-called \"Forest of Remembrance\" following his visit to the Operational Command of the German armed forces Bundeswehr in Schwielowsee near Berlin, Germany, June 28, 2025. Michael Kappeler/Pool via REUTERS/File Photo MUNICH/BERLIN/FRANKFURT - For Gundbert Scherf - the co-founder of Germany's Helsing, Europe's most valuable defence start-up - Russia's invasion of Ukraine changed everything. Scherf had to fight hard to attract investment after starting his company - which produces military strike drones and battlefield AI - four years ago. Now, that's the least of his problems. The Munich-based company more than doubled its valuation to $12 billion at a fundraising last month. "Europe this year, for the first time in decades, is spending more on defense technology acquisition than the U.S.," said Scherf. The former partner at McKinsey & Company says Europe may be on the cusp of a transformation in defence innovation akin to the Manhattan Project - the scientific push that saw the U.S. rapidly develop nuclear weapons during World War Two. "Europe is now coming to terms with defense." Reuters spoke to two dozens executives, investors and policymakers to examine how Germany - Europe's largest economy - aims to play a central role in the rearming the continent. Chancellor Friedrich Merz's government views AI and start-up technology as key to its defence plans and is slashing bureaucracy to connect startups directly to the upper echelons of its military, the sources told Reuters. Shaped by the trauma of Nazi militarism and a strong postwar pacifist ethos, Germany long maintained a relatively small and cautious defence sector, sheltered by U.S. security guarantees. Germany's business model, shaped by a deep aversion to risk, has also favoured incremental improvements over disruptive innovation. No more. With U.S. military support now more uncertain, Germany - one of the biggest backers of Ukraine - plans to nearly triple its regular defence budget to around 162 billion euros ($175 billion) per year by 2029. Much of that money will go into reinventing the nature of warfare, the sources said. Helsing is part of a wave of German defence start-ups developing cutting-edge technology, from tank-like AI robots and unmanned mini-submarines to battle-ready spy cockroaches. "We want to help give Europe its spine back," said Scherf. Some of these smaller firms are now advising the government alongside established firms - so-called primes such as Rheinmetall and Hensoldt - that have less incentive to focus primarily on innovation, given their long backlogs for conventional systems, one of the sources said. A new draft procurement law, expected to be approved by Merz's cabinet on Wednesday, aims to reduce hurdles for cash-strapped start-ups to join tenders by enabling advance payment to these firms, according to a version dated June 25, reviewed by Reuters. The law would also entitle authorities to limit tenders to bidders inside the European Union. Marc Wietfeld, CEO and founder of autonomous robots maker ARX Robotics, said a recent meeting with German defence minister Boris Pistorius hammered home how deep the rethink in Berlin goes. "He told me: 'Money is no longer an excuse - it's there now'. That was a turning point," he said. GERMANY IN THE LEAD Since Donald Trump's return to the political stage and his renewed questioning of America's commitment to NATO, Germany has committed to meet the alliance's new target of 3.5% of GDP on defense spending by 2029 - faster than most European allies. Officials in Berlin have emphasized the need to foster a European defence industry rather than rely on U.S. companies. But the hurdles towards scaling up industry champions in Germany - and Europe more broadly - are considerable. Unlike in the United States, the market is fragmented in Europe. Each country has its own set of procurement standards to fulfill contracts. The United States, the world's top military spender, already has an established stable of defence giants, like Lockheed Martin and RTX, and an advantage in key areas, including satellite technology, fighter jets and precise-guided munitions. Washington also began boosting defence tech startups in 2015 - including Shield AI, drone maker Anduril and software company Palantir - by awarding them parts of military contracts. European startups until recently languished with little government support. But an analysis by Aviation Week in May showed Europe's 19 top defence spenders - including Turkey and Ukraine - were projected to spend 180.1 billion this year on military procurement compared, to 175.6 billion for the United States. Washington's overall military spending will remain higher. Hans Christoph Atzpodien, head of Germany's security and defence sector association BDSV, said one challenge was that the military's procurement system was geared toward established suppliers and not well suited to the fast pace that new technologies require. Germany's defence ministry said in a statement it was taking steps to accelerate procurement and to better integrate startups in order to make new technologies quickly available to the Bundeswehr. Annette Lehnigk-Emden, head of the armed forces' powerful procurement agency, highlighted drones and AI as emerging fields that Germany needs to develop. "The changes they're bringing to the battlefield are as revolutionary as the introduction of the machine gun, tank, or airplane," she told Reuters. SPY COCKROACHES Sven Weizenegger, who heads up the Cyber Innovation hub, the Bundeswehr's innovation accelerator, said the war in Ukraine was also changing social attitudes, removing a stigma towards working in the defence sector. "Germany has developed a whole new openness towards the issue of security since the invasion," he said. Weizenegger said he was receiving 20-30 Linkedin requests a day, compared to maybe 2-3 weekly back in 2020, with ideas for defence technology to develop. Some of the ideas under development feel akin to science fiction – like Swarm Biotactics' cyborg cockroaches that are equipped with specialised miniature backpacks that enable real-time data collection via cameras for example. Electrical stimuli should allow humans to control the insects' movements remotely. The aim is for them to provide surveillance information in hostile environments - for example information about enemy positions. "Our bio-robots - based on living insects - are equipped with neural stimulation, sensors, and secure communication modules," said CEO Stefan Wilhelm. "They can be steered individually or operate autonomously in swarms. In the first half of the 20th century, German scientists pioneered many military technologies that became global standards, from ballistic missiles to jet aircraft and guided weapons. But following its defeat in World War II, Germany was demilitarized and its scientific talent was dispersed. Wernher von Braun, who invented the first ballistic missile for the Nazis, was one of hundreds of German scientists and engineers transported to the United States in the wake of World War II, where he later worked at NASA and developed the rocket that took Apollo spacecraft to the Moon. In recent decades, defence innovation has been a powerful driver of economic progress. Tech like the internet, GPS, semiconductors and jet engines originated in military research programs before transforming civilian life. Hit by high energy prices, a slowdown in demand for its exports and competition from China, Germany's $4.75 trillion economy contracted over the last two years. Expanding military research could provide an economic fillip. "We just need to get to this mindset: a strong defense industrial base means a strong economy and innovation on steroids," said Markus Federle, managing partner at defence-focused investment firm Tholus Capital. ESCAPING 'THE VALLEY OF DEATH' Risk aversion among European investors had in the past disadvantaged startups, which struggled to get the capital they need to survive the 'valley of death' – the critical early stage when costs are high and sales low. But a boost in defence spending by European governments following Russia's invasion of Ukraine has investors looking for opportunities. Europe now boasts three start-ups with a unicorn valuation of more than $1 billion: Helsing, German drone maker Quantum Systems, and Portugal's Tekever, which also manufactures drones. "There's a lot of pressure now on Germany being the lead nation of the European defense," said Sven Kruck, Quantum's chief strategy officer. Germany has become Ukraine's second-biggest military backer after the United States. Orders that might once have taken years to approve now take months and European startups have had the opportunity to test their products quickly in the field, several sources said. Venture capital funding of European defence tech hit $1 billion in 2024, up from a modest $373 million in 2022, and is expected to surge even more this year. "Society has recognized that we have to defend our democracies," said Christian Saller, general partner at HV Capital, an investor in both ARX and Quantum Systems. Venture capital funding has grown faster in Germany than elsewhere, according to a data analysis by Dealroom for Reuters. German defence startups have received $1.4 billion in the last five years from investors, followed by UK, the data shows. Jack Wang, partner at venture capital firm Project A, said many German defence startups - rooted in the country's engineering prowess - are good at integrating established components into scalable systems. "Quality of talent in Europe is extremely high, but as a whole, there's no better country, no better talent that we've seen other than in Germany," he said. Weakness in Germany's automotive industry means there is production capacity to spare, including in the Mittelstand: the small and medium-sized enterprises (SMEs) that form the backbone of Germany's economy. Stefan Thumann, CEO of Bavarian startup Donaustahl, which produces loitering munitions, said he receives 3 to 5 applications daily from workers at automotive companies. "The startups just need the brains to do the engineering and prototyping," he said. "And the German Mittelstand will be their muscles." REUTERS
International Business Times
an hour ago
- International Business Times
Melina Frattolin's Shocking Cause of Death Revealed after Preliminary Autopsy as Her Dad Faces Murder Charges
Melina Frattolin, the nine-year-old girl who was found dead just hours after her father claimed that she was kidnapped, died from drowning, her autopsy has confirmed. Luciano Frattolin reported his daughter missing on Saturday, telling authorities she had been taken by someone driving a white van in upstate New York. However, police later said Luciano had misled the investigation after they found the young girl's lifeless body underneath a log in the shallow waters of a pond near Ticonderoga. Luciano Frattolin, a Canadian CEO, was arrested and charged with second-degree murder of his daughter on Sunday. He is currently being held in custody and has entered a not guilty plea. Bizarre Motive Behind Drowning Daughter Melina Frattolin X The autopsy has since determined that Melina's cause of death was asphyxia resulting from drowning. Frattolin, 45, who once claimed himself to be a successful coffee business owner living a lavish lifestyle, appeared in court on Monday facing charges of killing his daughter Melina during a trip to upstate New York. Captain Robert McConnell said that Frattolin killed his daughter Melina on Saturday night while they were vacationing near the scenic town of Lake George in the Adirondack Mountains, roughly 60 miles north of Albany. Luciano Frattolin's mugshot after his arrest X While police have not formally identified a motive, the timeline presented during Monday's press conference suggests that the alleged murder took place just as Luciano was preparing to give custody of his daughter. The pair was last seen on surveillance video in Saratoga Springs around 5:30 p.m. on Saturday, police said. Young Melina sounded completely normal when she spoke with her mother on the phone around 6:30 p.m., just before she and her father were supposed to catch a flight back to Quebec, police said. Father's Mental Health in Question Luciano reportedly was struggling to keep up with child support payments—and shared bizarre social posts claiming the young girl had turned his life upside down. Frattolin, who was born in Ethiopia, praised Melina on the official website of his Montreal-based coffee business, Gambella Coffee, describing her as "beautiful" and "the light of his life." However, the write-up also revealed unsettling clues about his troubled mental state. Luciano Frattolin with his daughter Melina Instagram He admitted struggling to cope with his daughter's "messy art projects" and "chaotic" toys, because of his obsession with keeping "perfect order" in his home. In the biography—which has since been removed from the web—he also referenced a life marked by deep personal struggles, mentioning experiences with "racism," "feelings of isolation," and the loss of his father as a teenager. Frattolin hints at an "unfortunate event" in 2019 that he claimed had a serious impact on his mental health and forced him onto a "long and arduous" path toward healing. Luciano Frattolin with his daughter Melina Instagram Police revealed during a press conference on Monday that he became estranged from his ex-wife that same year. Alongside emotional turmoil and a strained relationship with his former spouse, Frattolin was also dealing with over $200,000 in debt linked to his business ventures in Montreal. Since 2020, the struggling businessman had been renting a property in Montreal's trendy Mile End neighborhood, which he subleased on Airbnb, according to La Presse. He hired two property managers to run the venture, including handling rent payments—allowing him to use the remaining income to cover child support, according to court records reviewed by the outlet. However, his lease was terminated by the landlord in August 2024 after he fell behind by $26,000 in rent. He was subsequently barred from accessing the property, where he claimed he kept his daughter's winter clothes and toys. Frattolin is now suing the property managers for more than $115,000, alleging they misused the rental unit without his consent and failed to pay the rent as agreed, according to Le Devoir. In response, the property managers accused Frattolin of planning to empty his bank account and leave the country — a claim he has denied. Luciano Frattolin with his daughter Melina Instagram A former staff member at Dépanneur Café, a coffee shop previously owned by Frattolin, said he had been splitting his time between Italy and Canada over the past year and a half. Frattolin reportedly still owes the Bank of Nova Scotia around $83,000 related to that business. The bank also claims he is responsible for another $97,000 in unpaid credit card debt from Café Gambella, a second coffee venture that shares its name with his online coffee brand. However, Frattolin's Instagram painted a starkly different picture of his finances, filled with images of luxurious travel, high-end sports cars, and captions like "I'm truly addicted to Porsche."
Straits Times
an hour ago
- Straits Times
Turkey nears Eurofighter jet procurement with UK deal, German approval
Find out what's new on ST website and app. Turkish Defence Minister Yasar Guler and British Defence Secretary John Healey attend a signing ceremony on the sidelines of the International Defence Industry Fair (IDEF) in Istanbul, Turkey, July 23, 2025. REUTERS/Dilara Senkaya ISTANBUL - Turkey and Britain signed a preliminary deal allowing Ankara to operate Eurofighter Typhoon jets on Wednesday while Germany approved the delivery of 40 jets, which Turkey has sought to bolster defences in an increasingly volatile region. NATO member Turkey has leaned on its own defence industry projects, including domestic jets, and foreign acquisitions to ramp up deterrence. Beyond the Eurofighters, it is in talks with Washington to buy 40 F-16s. Separately, the German government has cleared the way for the delivery of 40 Eurofighter Typhoon jets to Turkey following a positive decision by the federal security council, the Spiegel news magazine reported on Wednesday. The German defence ministry declined to comment and the federal council, whose approval is needed for arms exports, does not generally comment on its decisions. Ankara has been in talks since 2023 to purchase 40 Eurofighter Typhoons, which are built by a consortium of Germany, Britain, Italy and Spain, represented by Airbus, BAE Systems and Leonardo. Defence Minister Yasar Guler, at a signing ceremony with British Defence Secretary John Healey in Istanbul, said the agreements would strengthen bilateral ties and boost the NATO alliance's air power, while supporting Ankara's aerial capabilities. "We welcome this positive step toward our country joining the Eurofighter Typhoon club, and want to reiterate our mutual ambition to complete the necessary arrangements as soon as possible," he said. Top stories Swipe. Select. Stay informed. Singapore Singapore's domestic recycling rate drops to all-time low of 11% Singapore Sota parent portal taken down for urgent patching following global cyberattack alerts Singapore HDB launches 10,209 BTO and balance flats, as priority scheme for singles kicks in Singapore Local buyers are key to recovery of prime district condo market Singapore New online channel for public to report illegal ride-hailing services Singapore Ex-Tanjong Pagar United footballer charged with assault after Singapore Premier League match in Feb Singapore COE prices for cars mostly unchanged; premium for commercial vehicles up 2.9% Singapore Cyclist charged after allegedly hitting elderly pedestrian, killing him The agreement comes after weeks of positive statements from Ankara and the Eurofighter consortium on the sale, with Turkish President Tayyip Erdogan praising the German and British stance on the issue this week. REUTERS
