Microsoft server software comes under widespread cyberattack
The Redmond, Washington-based software maker, said it had released a new security patch for customers to apply to their SharePoint servers 'to mitigate active attacks targeting on-premises servers,' adding it was working to roll out others. The vulnerability allowed hackers to access file systems and internal configurations, as well as execute code, the US Cybersecurity and Infrastructure Security Agency said.
Cybersecurity firms cautioned that a broad section of organisations around the world could be affected by the breach. Silas Cutler, a researcher at Michigan-based cybersecurity firm Censys, estimated that more than 10,000 companies with SharePoint servers were at risk. The United States had the largest number of those companies, followed by the Netherlands, the United Kingdom and Canada, he said.
'It's a dream for ransomware operators, and a lot of attackers are going to be working this weekend as well,' he added.
Palo Alto Networks Inc warned that 'these exploits are real, in-the-wild, and pose a serious threat.' Google Threat Intelligence Group said in an e-mailed statement it had observed hackers exploiting the vulnerability, adding it allows 'persistent, unauthenticated access and presents a significant risk to affected organisations.'
'When they're able to compromise the fortress that is SharePoint, everybody is kind of at their whim because that is one of the highest security protocols out there,' said Gene Yu, CEO of Singapore-based cyber incident response firm Blackpanda.
The Washington Post reported that the breach had affected US federal and state agencies, universities, energy companies and an Asian telecommunications company, citing state officials and private researchers.
Researchers at Eye Security were the first to identify the vulnerability, Cutler said. They reported an intrusion on Friday resembling one identified earlier in the week in a demo by researchers Code White GmbH, which reproduced vulnerabilities presented by others at the Pwn2Own hacking contest.
Eye Security said the vulnerability allows hackers to access SharePoint servers and steal keys that can let them impersonate users or services even after the server is patched. It said hackers can maintain access through backdoors or modified components that can survive updates and reboots of systems.
A Microsoft spokesperson declined to comment beyond the company's statement.
Microsoft has faced a series of recent cyberattacks, warning in March that Chinese hackers were targeting remote management tools and cloud applications to spy on a range of companies and organisations in the US and abroad.
The Cyber Safety Review Board, a White House-mandated group designed to examine major cyberattacks, said last year that Microsoft's security culture was 'inadequate' following the 2023 hack of the company's Exchange Online mailboxes. In that incident, hackers were able to breach 22 organizations and hundreds of individuals, including former US Commerce Secretary Gina Raimondo.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Bangkok Post
7 hours ago
- Bangkok Post
Exporters urged to utilise B2B platforms
Thai exporters should enter online business-to-business (B2B) platforms to capitalise on the dynamics of global buyers seeking new sources of suppliers amid global trade uncertainty. Among the top markets that are interested in Thai products are the US, Pakistan, India, Bangladesh and the Philippines. Global B2B e-commerce has continued to post double-digit growth for five consecutive years, with projections suggesting the value will reach US$3.6 trillion by 2026. "Global trade uncertainties are reshaping sourcing strategies, creating opportunities for suppliers," said Owen Zhou, senior channel operations for Thailand and the Philippines at Alibaba International Digital Commerce Group -- ICBU-APAC South. He was speaking on Wednesday at Regional Trade Exponential Fest 2025, a seminar organised by the International Institute for Trade and Development (ITD). He added that before 2017, only had Chinese suppliers operating export businesses on its platform. After 2017, it opened for suppliers around the world to join it to carry out export business. Now it is one of the largest B2B e-commerce platforms. The top buyers are the US, Canada, Japan, Asean, Europe, China and the Middle East. The US market remains one of its largest and most important buyer markets. However, economic conditions vary across regions, and the US economy is currently at a different stage compared to others. "Right now, we see significant opportunities emerging in the Middle East and Europe, where shifting dynamics may allow these regions to capture a larger share of global demand, potentially overtaking traditional US-based buyers," Mr Zhou told the Bangkok Post. "We're also seeing growing international demand for high-quality products that are manufactured using fair and transparent processes. This presents a strong opportunity for Thai manufacturers to expand their exports globally." He also sees a diverse and evolving buyer landscape within There are new buyers such as social media-based sellers like those found on TikTok, Facebook and Instagram, who engage in small quantity, high frequency purchases for testing and referral sales. Despite having fewer than 1,000 customers in Thailand since starting operations in 2017, Mr Zhou sees great potential for Thai industries beyond the currently dominant food, beverage, agriculture, beauty and healthcare sectors to join and expand their export businesses. "We aim to have 2,000 suppliers in Thailand this year," said Mr Zhou. According to its platform, the leading importers of Thai products are the US, valued at $5.82 billion, followed by Hong Kong ($5.24 billion), Japan ($5 billion), China ($4.6 billion) and South Korea ($1.85 billion). He said that provides a suite of advanced tools to facilitate online trade. Sellers can post product videos, factory videos and conduct livestreams to build trust and provide detailed product views. To overcome language barriers in cross-border trade, its artificial intelligence (AI)-powered translation function automatically translates conversations between local languages and the recipient's language, making international business convenient. AI capabilities can generate keywords, optimise titles, create product descriptions, generate product images and even automatically generate product videos from input images, names and scenarios. "Now it's 2025, there's no problem with languages. We have AI and we have our translate function." The platform leverages over 25 years of data accumulation and analysis in the foreign trade sector, boasting more than 20 million active B2B buyers and over $400 billion in transaction records. Suphakit Chareonkul, ITD's executive director, said today it is no longer sufficient to have only a successful product and determination. Businesses require vision, strategy, networks and continuous flexibility. He noted that the World Bank predicts global economic growth will slow to 2.3% in 2025, a stern warning that countries like Thailand must accelerate their adaptation to trade restrictions and evolving global logistics. "We also provide the 'ITD Expert Anywhere' application for entrepreneurs to access and consult with for international business through its experts." Mr Suphakit added that regional markets are expanding, while digital technologies are carving out new paths.
Bangkok Post
a day ago
- Bangkok Post
Chinese firms urged to deepen Asean roots as US cracks down on transshipments
ALAMEDA — Beijing should encourage its firms to deepen integration with Southeast Asian economies instead of using the region as a transshipment route to the United States, according to a senior regional economist - as Washington threatens the export-reliant region with high tariffs. Transshipments drew attention earlier this month after the US announced tariffs on imports from Vietnam and 23 other trading partners. US President Donald Trump warned that imports diverted through Vietnam would face a 40% tariff - double the 20% levy on goods made in the Southeast Asian nation. "Of course, [Southeast Asian authorities] would check the country of origin for products," said Dong He, chief economist at the Singapore-based Asean+3 Macroeconomic Research Office (AMRO), on Tuesday, adding that some already have agreements with the US to do so. Chinese officials should also "encourage their firms to become more deeply ingrained or integrated with local economies" in the Association of Southeast Asian Nations (Asean), he said. While the Chinese government seeks to protect its exports, businesses should have the autonomy to make long-term decisions about their role in local economies, which would also protect them from unpredictable tariff rates, he added. Imports from China face an average tariff rate of 42%, according to Morgan Stanley estimates, while other Asian countries face rates of 25 to 40% starting Aug 1. Since the US launched a trade war against China in 2018, Beijing has stepped up trade and investment with Asean countries. The goods trade between China and the bloc reached US$982.34 billion last year, up 7.8% from 2023, customs data showed - consolidating the bloc as China's top trade partner. Trump announces fresh tariffs Vietnam, in particular, has drawn attention due to an influx of Chinese investment in its factories since Trump's first term - though it remains unclear exactly how Trump's transshipment clause will work in practice. Before Trump took office in January, officials in Malaysia and Thailand said they would not permit transshipments to the US. On Tuesday, the White House announced it had agreed a trade deal with Indonesia that would see the US reduce its proposed tariff rate to 19% in return for Indonesia eliminating tariff barriers on a "full range" of US industrial and food products. A similar deal has also been struck with the Philippines. Meanwhile, Trump said on his Truth Social account that his government had reached a separate deal with Japan to cut US tariffs to 15% in exchange for Japan opening its market to more American products and investing $550 billion in the US. Some Asian countries are also eyeing China's yuan currency as a partial "backup" to the US dollar in case the dollar underperforms or becomes unreliable, as "low" yuan interest rates could enhance its role as an "important funding currency", He said. China has made progress in addressing "legacy issues" in its economy this year, including property market woes and local government debt, the economist said. That headway gives it more space to develop sectors such as "advanced services", he added. On Wednesday, AMRO's Regional Economic Outlook forecast China's growth at 4.5% for this year and 4.1% for 2026 - lower than April predictions of 4.8% and 4.7%, respectively. The Asian Development Bank (ADB), however, on Wednesday held China's 2025 growth forecast at 4.7% and its forecast for next year at 4.3%, unchanged from April projections. AMRO said the Asean+3 region - Southeast Asia plus China, Japan and South Korea - was projected to grow by 3.8% in 2025 and 3.6% in 2026, down from earlier forecasts of 4.2% and 4.1%, partly due to "evolving US tariff measures".
Bangkok Post
2 days ago
- Bangkok Post
Malaysia to establish data centre framework to streamline policies
KUALA LUMPUR - Malaysia will establish a data centre framework in October to streamline policies and development in the sector, the trade and digital ministries said on Tuesday. The Malaysian Investment Development Authority will be the main agency to approve all new data centre projects and investments, as well as the expansion of existing projects, the ministries said in a joint statement. Malaysia has recently seen a boom in data centres, driven by growing demand for artificial intelligence, with technology giants like Microsoft, Nvidia, Alphabet's Google and ByteDance announcing billions of dollars of investments in the country since the beginning of last year. Data centre facilities in the Southeast Asian country are projected to quadruple in the next decade from the current 18. The government's framework will ensure that policies are aligned with data centre planning in a way that will drive the growth of Malaysia's digital economy, the ministries said. "Transparent and thorough policies are important to continue reassuring investors about the goals of sustainable growth in the country's digital economy for the benefit of the Malaysian people and business sectors," Digital Minister Gobind Singh Deo said in the statement.
