
Researchers say hackers exploited a security flaw in software widely used by governments, businesses
Hackers connected to the Chinese Government were behind at least some of the widespread attacks in the past few days on organisations that use collaboration software from Microsoft, defenders working on the intrusions said in interviews.
The breaches in the United States and other countries took advantage of a disastrous security flaw that drew attention this month, after Microsoft issued a patch that fixed only part of the problem in SharePoint, which is widely used to co-ordinate work on documents and projects.
'We assess that at least one of the actors responsible for this early exploitation is a China-nexus threat actor,' said Charles Carmakal, chief technology officer of Google's Mandiant Consulting.
Another researcher, who, like others, spoke on the condition of anonymity because the inquiry is still under way, said federal investigators have evidence of US-based servers linked to compromised SharePoint systems connecting to internet protocol addresses inside China last week.
The FBI, the White House, and the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency declined to comment today.