Microsoft server software comes under widespread cyberattack
The Redmond, Washington-based software maker, said it had released a new security patch for customers to apply to their SharePoint servers 'to mitigate active attacks targeting on-premises servers,' adding it was working to roll out others. The vulnerability allowed hackers to access file systems and internal configurations, as well as execute code, the US Cybersecurity and Infrastructure Security Agency said.
Cybersecurity firms cautioned that a broad section of organisations around the world could be affected by the breach. Silas Cutler, a researcher at Michigan-based cybersecurity firm Censys, estimated that more than 10,000 companies with SharePoint servers were at risk. The United States had the largest number of those companies, followed by the Netherlands, the United Kingdom and Canada, he said.
'It's a dream for ransomware operators, and a lot of attackers are going to be working this weekend as well,' he added.
Palo Alto Networks Inc warned that 'these exploits are real, in-the-wild, and pose a serious threat.' Google Threat Intelligence Group said in an e-mailed statement it had observed hackers exploiting the vulnerability, adding it allows 'persistent, unauthenticated access and presents a significant risk to affected organisations.'
'When they're able to compromise the fortress that is SharePoint, everybody is kind of at their whim because that is one of the highest security protocols out there,' said Gene Yu, CEO of Singapore-based cyber incident response firm Blackpanda.
The Washington Post reported that the breach had affected US federal and state agencies, universities, energy companies and an Asian telecommunications company, citing state officials and private researchers.
Researchers at Eye Security were the first to identify the vulnerability, Cutler said. They reported an intrusion on Friday resembling one identified earlier in the week in a demo by researchers Code White GmbH, which reproduced vulnerabilities presented by others at the Pwn2Own hacking contest.
Eye Security said the vulnerability allows hackers to access SharePoint servers and steal keys that can let them impersonate users or services even after the server is patched. It said hackers can maintain access through backdoors or modified components that can survive updates and reboots of systems.
A Microsoft spokesperson declined to comment beyond the company's statement.
Microsoft has faced a series of recent cyberattacks, warning in March that Chinese hackers were targeting remote management tools and cloud applications to spy on a range of companies and organisations in the US and abroad.
The Cyber Safety Review Board, a White House-mandated group designed to examine major cyberattacks, said last year that Microsoft's security culture was 'inadequate' following the 2023 hack of the company's Exchange Online mailboxes. In that incident, hackers were able to breach 22 organizations and hundreds of individuals, including former US Commerce Secretary Gina Raimondo.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Bangkok Post
16 hours ago
- Bangkok Post
Chinese firms urged to deepen Asean roots as US cracks down on transshipments
ALAMEDA — Beijing should encourage its firms to deepen integration with Southeast Asian economies instead of using the region as a transshipment route to the United States, according to a senior regional economist - as Washington threatens the export-reliant region with high tariffs. Transshipments drew attention earlier this month after the US announced tariffs on imports from Vietnam and 23 other trading partners. US President Donald Trump warned that imports diverted through Vietnam would face a 40% tariff - double the 20% levy on goods made in the Southeast Asian nation. "Of course, [Southeast Asian authorities] would check the country of origin for products," said Dong He, chief economist at the Singapore-based Asean+3 Macroeconomic Research Office (AMRO), on Tuesday, adding that some already have agreements with the US to do so. Chinese officials should also "encourage their firms to become more deeply ingrained or integrated with local economies" in the Association of Southeast Asian Nations (Asean), he said. While the Chinese government seeks to protect its exports, businesses should have the autonomy to make long-term decisions about their role in local economies, which would also protect them from unpredictable tariff rates, he added. Imports from China face an average tariff rate of 42%, according to Morgan Stanley estimates, while other Asian countries face rates of 25 to 40% starting Aug 1. Since the US launched a trade war against China in 2018, Beijing has stepped up trade and investment with Asean countries. The goods trade between China and the bloc reached US$982.34 billion last year, up 7.8% from 2023, customs data showed - consolidating the bloc as China's top trade partner. Trump announces fresh tariffs Vietnam, in particular, has drawn attention due to an influx of Chinese investment in its factories since Trump's first term - though it remains unclear exactly how Trump's transshipment clause will work in practice. Before Trump took office in January, officials in Malaysia and Thailand said they would not permit transshipments to the US. On Tuesday, the White House announced it had agreed a trade deal with Indonesia that would see the US reduce its proposed tariff rate to 19% in return for Indonesia eliminating tariff barriers on a "full range" of US industrial and food products. A similar deal has also been struck with the Philippines. Meanwhile, Trump said on his Truth Social account that his government had reached a separate deal with Japan to cut US tariffs to 15% in exchange for Japan opening its market to more American products and investing $550 billion in the US. Some Asian countries are also eyeing China's yuan currency as a partial "backup" to the US dollar in case the dollar underperforms or becomes unreliable, as "low" yuan interest rates could enhance its role as an "important funding currency", He said. China has made progress in addressing "legacy issues" in its economy this year, including property market woes and local government debt, the economist said. That headway gives it more space to develop sectors such as "advanced services", he added. On Wednesday, AMRO's Regional Economic Outlook forecast China's growth at 4.5% for this year and 4.1% for 2026 - lower than April predictions of 4.8% and 4.7%, respectively. The Asian Development Bank (ADB), however, on Wednesday held China's 2025 growth forecast at 4.7% and its forecast for next year at 4.3%, unchanged from April projections. AMRO said the Asean+3 region - Southeast Asia plus China, Japan and South Korea - was projected to grow by 3.8% in 2025 and 3.6% in 2026, down from earlier forecasts of 4.2% and 4.1%, partly due to "evolving US tariff measures".
Bangkok Post
2 days ago
- Bangkok Post
Malaysia to establish data centre framework to streamline policies
KUALA LUMPUR - Malaysia will establish a data centre framework in October to streamline policies and development in the sector, the trade and digital ministries said on Tuesday. The Malaysian Investment Development Authority will be the main agency to approve all new data centre projects and investments, as well as the expansion of existing projects, the ministries said in a joint statement. Malaysia has recently seen a boom in data centres, driven by growing demand for artificial intelligence, with technology giants like Microsoft, Nvidia, Alphabet's Google and ByteDance announcing billions of dollars of investments in the country since the beginning of last year. Data centre facilities in the Southeast Asian country are projected to quadruple in the next decade from the current 18. The government's framework will ensure that policies are aligned with data centre planning in a way that will drive the growth of Malaysia's digital economy, the ministries said. "Transparent and thorough policies are important to continue reassuring investors about the goals of sustainable growth in the country's digital economy for the benefit of the Malaysian people and business sectors," Digital Minister Gobind Singh Deo said in the statement.
Bangkok Post
3 days ago
- Bangkok Post
Microsoft server software comes under widespread cyberattack
Microsoft Corp's server software was exploited by unidentified hackers, with analysts warning of widespread cybersecurity breaches across the globe. The Redmond, Washington-based software maker, said it had released a new security patch for customers to apply to their SharePoint servers 'to mitigate active attacks targeting on-premises servers,' adding it was working to roll out others. The vulnerability allowed hackers to access file systems and internal configurations, as well as execute code, the US Cybersecurity and Infrastructure Security Agency said. Cybersecurity firms cautioned that a broad section of organisations around the world could be affected by the breach. Silas Cutler, a researcher at Michigan-based cybersecurity firm Censys, estimated that more than 10,000 companies with SharePoint servers were at risk. The United States had the largest number of those companies, followed by the Netherlands, the United Kingdom and Canada, he said. 'It's a dream for ransomware operators, and a lot of attackers are going to be working this weekend as well,' he added. Palo Alto Networks Inc warned that 'these exploits are real, in-the-wild, and pose a serious threat.' Google Threat Intelligence Group said in an e-mailed statement it had observed hackers exploiting the vulnerability, adding it allows 'persistent, unauthenticated access and presents a significant risk to affected organisations.' 'When they're able to compromise the fortress that is SharePoint, everybody is kind of at their whim because that is one of the highest security protocols out there,' said Gene Yu, CEO of Singapore-based cyber incident response firm Blackpanda. The Washington Post reported that the breach had affected US federal and state agencies, universities, energy companies and an Asian telecommunications company, citing state officials and private researchers. Researchers at Eye Security were the first to identify the vulnerability, Cutler said. They reported an intrusion on Friday resembling one identified earlier in the week in a demo by researchers Code White GmbH, which reproduced vulnerabilities presented by others at the Pwn2Own hacking contest. Eye Security said the vulnerability allows hackers to access SharePoint servers and steal keys that can let them impersonate users or services even after the server is patched. It said hackers can maintain access through backdoors or modified components that can survive updates and reboots of systems. A Microsoft spokesperson declined to comment beyond the company's statement. Microsoft has faced a series of recent cyberattacks, warning in March that Chinese hackers were targeting remote management tools and cloud applications to spy on a range of companies and organisations in the US and abroad. The Cyber Safety Review Board, a White House-mandated group designed to examine major cyberattacks, said last year that Microsoft's security culture was 'inadequate' following the 2023 hack of the company's Exchange Online mailboxes. In that incident, hackers were able to breach 22 organizations and hundreds of individuals, including former US Commerce Secretary Gina Raimondo.
