US warns about Microsoft Sharepoint cyber vulnerability
Computer security experts say hackers have exploited the loophole and potentially compromised private and public computer networks in the US.
The individual or groups behind the software exploitation is not yet known.
'The incident reveals the growing sophistication of threat actors who have gained internal access to an environment and can now leverage existing resources (like Microsoft Exchange, SharePoint,) to conduct nefarious missions beyond just ransomware attacks, like 'wiper' malware that deletes data,' said Morey Haber, a chief security adviser at cyber security company BeyondTrust.
Mr Haber said Microsoft appears to have responded quickly once the vulnerability to Sharepoint was identified, but added that for some, it might be too little, too late.
'Considering the speed of exploitation, some organisations may be waking up Monday morning to a fresh series of attacks,' he explained.
The various editions of Microsoft Sharepoint are also making it more difficult to provide a one-size-fits-all solution.
Microsoft pointed out that it released a security update for SharePoint 2019, and that other fixes would be on the way.
'We are actively working on updates for SharePoint 2016,' the Redmond, Washington software company posted on X.
Santiago Pontiroli, lead researcher at cyber protection company Acronis, shared more some perspective as to the scale and affect of the cyber attack.
'This incident continues a trend of high-impact attacks against Microsoft infrastructure, including the Exchange mass exploitation in 2021 and the 2023 cloud email breach,' he said.
'Over the past several years, state-aligned and advanced persistent threat groups have repeatedly abused vulnerabilities in Microsoft platforms to gain initial access, steal sensitive data, and establish long-term footholds in enterprise networks.'
Microsoft does, however, invest heavily in trying to prevent such breaches from occurring.
Federal law enforcement agencies regularly work with the company and have a presence at the company's cyber crime centre in Redmond.
That said, Mr Pontiroli pointed out that cyber security is a continuing game of whack-a-mole, and that companies and entities using Sharepoint should take it seriously.
'Organisations still running on-premises SharePoint need to act now,' he said. 'Apply the latest updates, monitor for signs of compromise, and assume exposure if systems were only partially patched.'
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
The National
10 hours ago
- The National
Gamers in Saudi Arabia, Qatar and Turkey most affected by malware campaign
Gamers in the Middle East have been heavily hit by a malware campaign that promotes fake beta versions of video games, cyber security experts have warned. Consumers in Saudi Arabia, Qatar and Turkey have been the most impacted by the campaign, according to cyber protection company Acronis. Its threat research group said malware is spreading through the use of Discord, a video, audio and texting platform popular with gamers around the world. The campaign pretends to promote beta versions of games titled Baruda Quest, Warstorm Fire and Dire Talon, but they are actually software that steals personal information and payment, login and crypto wallet data. 'This underscores the urgent need for awareness among regional gamers who are particularly active on platforms like Discord, where much of the malicious content is distributed,' Acronis said in a statement. Jozsef Gegeny, a senior researcher at the cyber security company, said that unlike most malware campaigns, this one also targets people considered to have decent technical knowledge. While corporations and organisations have ramped up cyber security, not enough of that messaging is reaching recreational technology users, he said. 'That's why it's important for the cybersecurity community to shine a light on threats that target individuals and not just corporations,' he said. 'This campaign shows that even well-informed users can be tricked.' The Middle East is particularly vulnerable to attacks due to the recent and rapid increase in video game popularity, making it one of the fastest-growing gaming markets. In 2020, the Middle East gaming industry was valued at approximately $4.8 billion, according to market research firm Newzoo. Five years later, Acronis said, that figure has climbed to more than $7 billion. In February, Power League Gaming chief executive Matthew Pickering said the region's high percentage of young people is helping the industry flourish, but it is also winning over the older demographic as a way to build confidence and sharpen analytical skills. 'Esports is now a solid career path,' he said. It is not yet clear who is responsible for spreading malware targeting the gaming community, but Acronis said it was first detected in the US and Brazil. The company added that the campaign is taking advantage of gamers' appetite to stay ahead of the curve. 'This campaign exploits the enthusiasm of the gaming community, particularly those eager to access unreleased or early-access content,' it said.
Tahawul Tech
a day ago
- Tahawul Tech
DLSS 4 Archives
"@Cisco helps customers adapt to sophisticated threats in multi-cloud environments". Learn more about Westcon Comstor and @Teksalah's involvement in this collaboration below. #WestconComstor #Cisco #Teksalah #tahawultech
Zawya
2 days ago
- Zawya
Trump says he wants Musk and his companies to thrive in US
President Donald Trump said on Thursday he would not destroy Elon Musk's companies by taking away federal subsidies and that he wants the billionaire tech-entrepreneur's businesses to thrive. "Everyone is stating that I will destroy Elon's companies by taking away some, if not all, of the large scale subsidies he receives from the U.S. Government. This is not so!," Trump said in a social media post. "I want Elon, and all businesses within our Country, to THRIVE." Trump's statement follows a public clash with his former close ally on June 5 over his tax bill. Musk warned Tesla investors on Wednesday that U.S. government cuts in support for electric vehicle makers could lead to a "few rough quarters" for the company. A week after the spat in June, Reuters reported the White House had directed the Defense Department and NASA to gather details on billions of dollars in SpaceX contracts to ready possible retaliation against the businessman and his companies. Musk spent more than a quarter of a billion dollars to help Trump win November's presidential election and led the Department of Government Efficiency's chaotic effort to slash the budget and cut the federal workforce. The Tesla CEO left the administration in late May to refocus on his tech empire. Trump and Musk fell out shortly afterward when Musk openly denounced the Republican president's tax-cut and spending bill, leading to threats by Trump to cancel billions of dollars worth of federal government contracts with Musk's companies. Musk's SpaceX had been considered a frontrunner to build out Trump's $175 billion Golden Dome missile defense shield and remains a natural choice for key elements of the project. But sources familiar with the matter told Reuters earlier this week that the administration is expanding its search for partners to build Golden Dome as tensions with Musk threaten SpaceX's dominance in the program. (Reporting by Bhargav Acharya in Toronto; Editing by Doina Chiacu and Philippa Fletcher)
