Latest news with #MAPP
Time of India
3 days ago
- Business
- Time of India
Microsoft looking at ‘internal leak' after Chinese hackers exploit SharePoint flaw
Microsoft is reportedly investigating whether a leak within its Microsoft Active Protections Program (MAPP), an early alert system for cybersecurity companies, allowed alleged Chinese state-backed hackers to exploit vulnerabilities in its SharePoint service before patches were widely available. The development comes after a security fix released by the tech giant earlier this month reportedly failed to fully address a critical flaw in the server software, leading to widespread cyber espionage attempts. 'As part of our standard process, we'll review this incident, find areas to improve, and apply those improvements broadly,' a Microsoft spokesperson was quoted by Bloomberg as saying. Meanwhile, Microsoft told news agency Reuters that it continually evaluates 'the efficacy and security of all of our partner programs and makes the necessary improvements as needed.' How Microsoft SharePoint was hacked Last week, Microsoft acknowledged that at least two alleged Chinese hacking groups, identified as " Linen Typhoon " and " Violet Typhoon ," along with a third China-based entity, were actively exploiting these weaknesses. by Taboola by Taboola Sponsored Links Sponsored Links Promoted Links Promoted Links You May Like AirSense 11 – Smart tech for deep sleep ResMed Buy Now Undo The vulnerability in question was first publicly demonstrated in May by Dinh Ho Anh Khoa, a researcher with Vietnamese cybersecurity firm Viettel, at the Pwn2Own cybersecurity conference in Berlin. Khoa was awarded $100,000 for his discovery, prompting Microsoft to release an initial patch in July. However, members of the MAPP program had already been notified of these vulnerabilities on June 24, July 3, and July 7, according to Dustin Childs, head of threat awareness for Trend Micro's Zero Day Initiative, which organises Pwn2Own. Microsoft observed exploit attempts beginning July 7. Childs told Reuters that "the likeliest scenario is that someone in the MAPP program used that information to create the exploits." While the specific vendor responsible for a potential leak remains unclear, Childs speculated, "since many of the exploit attempts come from China, it seems reasonable to speculate it was a company in that region." Nvidia Makes History: First Company to Hit $4 Trillion Market Cap AI Masterclass for Students. Upskill Young Ones Today!– Join Now
Straits Times
3 days ago
- Business
- Straits Times
Microsoft probing whether cyber alert tipped off Chinese hackers
Find out what's new on ST website and app. Microsoft is looking into whether a leak from its early alert system led to the widespread exploitation of vulnerabilities in the SharePoint software. Microsoft is investigating whether a leak from its early alert system for cybersecurity companies allowed Chinese hackers to exploit flaws in its SharePoint service before they were patched, according to people familiar with the matter. The technology company is looking into whether the programme – designed to give cybersecurity experts a chance to fix computer systems before the revelation of new security concerns – led to the widespread exploitation of vulnerabilities in its SharePoint software globally over the past several days, the people said, asking not to be identified discussing private matters. 'As part of our standard process, we'll review this incident, find areas to improve, and apply those improvements broadly,' a Microsoft spokesperson said in a statement, adding that partner programmes are an important part of the company's security response. The Chinese embassy in Washington referred to comments made by foreign affairs ministry spokesman Guo Jiakun to media earlier this week, opposing hacking activities. 'Cybersecurity is a common challenge faced by all countries and should be addressed jointly through dialogue and cooperation,'' Mr Guo said. 'China opposes and fights hacking activities in accordance with the law. At the same time, we oppose smears and attacks against China under the excuse of cybersecurity issues.' Microsoft has attributed SharePoint breaches to state-sponsored hackers from China , and at least a dozen Chinese companies participate in the initiative, called the Microsoft Active Protections Program, or MAPP, according to Microsoft's website. Members of the 17-year-old programme must prove they are cybersecurity vendors and that they don't produce hacking tools like penetration testing software. After signing a non-disclosure agreement, they receive information about novel patches to vulnerabilities 24 hours before Microsoft releases them to the public. A subset of more highly-vetted users receive notifications of an incoming patch five days earlier, according to Microsoft's MAPP website. Mr Dustin Childs, head of threat awareness for the Zero Day Initiative at cybersecurity company Trend Micro, says Microsoft alerted members of the program about the vulnerabilities that led to the SharePoint attacks. 'These two bugs were included in the MAPP release,' says Mr Childs, whose company is a MAPP member. 'The possibility of a leak has certainly crossed our minds.' He adds that such a leak would be a dire threat to the program, 'even though I still think MAPP has a lot of value'. Victims of the attacks now total more than 400 government agencies and corporations worldwide, including the US's National Nuclear Security Administration, the division responsible for designing and maintaining the country's nuclear weapons. For at least some of the attacks, Microsoft has blamed Linen Typhoon and Violet Typhoon, groups sponsored by the Chinese government, as well as another China-based group it calls Storm-2603. In response to the allegations, the Chinese Embassy has said it opposes all forms of cyberattacks, while also objecting to 'smearing others without solid evidence'. Mr Dinh Ho Anh Khoa, a researcher who works for the Vietnamese cybersecurity firm Viettel, revealed that SharePoint had unknown vulnerabilities in May at Pwn2Own, a conference in Berlin run by Mr Childs' organisation where hackers sit on stage and search for critical security vulnerabilities in front of a live audience. After the public demonstration and celebration, Mr Khoa headed to a private room with Childs and a Microsoft representative, Mr Childs said. Mr Khoa explained the exploit in detail and handed over a full white paper. Microsoft validated the research and immediately began working on a fix. Mr Khoa won US$100,000 (S$128,160) for the work. It took Microsoft about 60 days to come up with a fix. On July 7, the day before it released a patch publicly, hackers attacked SharePoint servers, cybersecurity researchers said. It is possible that hackers found the bugs independently and began exploiting them on the same day that Microsoft shared them with MAPP members, says Mr Childs. But he adds that this would be an incredible coincidence. The other obvious possibility is that someone shared the information with the attackers. The leak of news of a pending patch would be a substantial security failure, but 'it has happened before,' says Mr Jim Walter, senior threat researcher the cyber firm SentinelOne. MAPP has been the source of alleged leaks as far back as 2012, when Microsoft accused the Hangzhou DPtech Technologies, a Chinese network security company, of disclosing information that exposed a major vulnerability in Windows. Hangzhou DPtech was removed from the MAPP group. At the time, a Microsoft representative said in a statement that it had also 'strengthened existing controls and took actions to better protect our information'. In 2021, Microsoft suspected at least two other Chinese MAPP partners of leaking information about vulnerabilities in its Exchange servers, leading to a global hacking campaign that Microsoft blamed on a Chinese espionage group called Hafnium. It was one of the company's worst breaches ever – tens of thousands of exchange servers were hacked, including at the European Banking Authority and the Norwegian Parliament. Following the 2021 incident, the company considered revising the MAPP program, Bloomberg previously reported. But it did not disclose whether any changes were ultimately made or whether any leaks were discovered. A 2021 Chinese law mandates that any company or security researcher who identifies a security vulnerability must report it within 48 hours to the government's Ministry of Industry and Information Technology, according to an Atlantic Council report. Some of the Chinese companies that remain involved in MAPP, such as Beijing CyberKunlun Technology, are also members of a Chinese government vulnerabilities programme, the China National Vulnerability Database, which is operated by the country's Ministry of State Security, according to Chinese government websites. Mr Eugenio Benincasa, a researcher at ETH Zurich's Center for Security Studies, says there is a lack of transparency about how Chinese companies balance their commitments to safeguard vulnerabilities shared by Microsoft with requirements that they share information with the Chinese government. 'We know that some of these companies collaborate with state security agencies and that the vulnerability management system is highly centralised,' says Mr Benincasa. 'This is definitely an area that warrants closer scrutiny.' BLOOMBERG
Indian Express
3 days ago
- Business
- Indian Express
Microsoft probing if Chinese hackers learned SharePoint flaws through alert: Reports
Microsoft is investigating whether a leak from its early alert system for cybersecurity companies allowed Chinese hackers to exploit flaws in its SharePoint service before they were patched, Bloomberg News reported on Friday. A security patch Microsoft released this month failed to fully fix a critical flaw in the U.S. tech giant's SharePoint server software, opening the door to a sweeping global cyber espionage effort. In a blog post on Tuesday, Microsoft said two allegedly Chinese hacking groups, dubbed 'Linen Typhoon' and 'Violet Typhoon,' were exploiting the weaknesses, along with a third, also based in China. The tech giant is probing if a leak from the Microsoft Active Protections Program (MAPP) led to the widespread exploitation of vulnerabilities in its SharePoint software globally over the past several days, the report said. Microsoft said in a statement provided to Reuters that the company continually evaluates 'the efficacy and security of all of our partner programs and makes the necessary improvements as needed.' A researcher with Vietnamese cybersecurity firm Viettel demonstrated the SharePoint vulnerability in May at the Pwn2Own cybersecurity conference in Berlin. The conference, put on by cybersecurity company Trend Micro's Zero Day Initiative, rewards researchers in the pursuit of ethically disclosing software vulnerabilities. The researcher, Dinh Ho Anh Khoa, was awarded $100,000 and Microsoft issued an initial patch for the vulnerability in July, but members of the MAPP program were notified of the vulnerabilities on June 24, July 3 and July 7, Dustin Childs, head of threat awareness for the Zero Day Initiative at Trend Micro, told Reuters Friday. Microsoft first observed exploit attempts on July 7, the company said in the Tuesday blog post. Childs told Reuters that 'the likeliest scenario is that someone in the MAPP program used that information to create the exploits.' It's not clear which vendor was responsible, Childs said, 'but since many of the exploit attempts come from China, it seems reasonable to speculate it was a company in that region.' It would not be the first time that a leak from the MAPP program led to a security breach. More than a decade ago, Microsoft accused a Chinese firm, Hangzhou DPTech Technologies Co., Ltd., of breaching its non-disclosure agreement and expelled it from the program. 'We recognize that there is the potential for vulnerability information to be misused,' Microsoft said in a 2012 blog post, around the time that information first leaked from the program. 'In order to limit this as much as possible, we have strong non-disclosure agreements (NDA) with our partners. Microsoft takes breaches of its NDAs very seriously.' Any confirmed leak from MAPP would be a blow to the program, which is meant to give cyber defenders the upper hand against hackers who race to parse Microsoft updates for clues on how to develop malicious software that can be used against still-vulnerable users. Launched in 2008, MAPP was meant to give trusted security vendors a head start against the hackers, for example, by supplying them with detailed technical information and, in some cases, 'proof of concept' software that mimics the operation of genuine malware.
Economic Times
3 days ago
- Business
- Economic Times
Microsoft probing if Chinese hackers learned SharePoint flaws through alert: Report
Reuters Microsoft is investigating whether a leak from its early alert system for cybersecurity companies allowed Chinese hackers to exploit flaws in its SharePoint service before they were patched, Bloomberg News reported on Friday. A security patch Microsoft released this month failed to fully fix a critical flaw in the U.S. tech giant's SharePoint server software, opening the door to a sweeping global cyber espionage effort. In a blog post on Tuesday, Microsoft said two allegedly Chinese hacking groups, dubbed "Linen Typhoon" and "Violet Typhoon," were exploiting the weaknesses, along with a third, also based in China. The tech giant is probing if a leak from the Microsoft Active Protections Program (MAPP) led to the widespread exploitation of vulnerabilities in its SharePoint software globally over the past several days, the report said. Microsoft said in a statement provided to Reuters that the company continually evaluates "the efficacy and security of all of our partner programs and makes the necessary improvements as needed." A researcher with Vietnamese cybersecurity firm Viettel demonstrated the SharePoint vulnerability in May at the Pwn2Own cybersecurity conference in Berlin. The conference, put on by cybersecurity company Trend Micro's Zero Day Initiative, rewards researchers in the pursuit of ethically disclosing software vulnerabilities. The researcher, Dinh Ho Anh Khoa, was awarded $100,000 and Microsoft issued an initial patch for the vulnerability in July, but members of the MAPP program were notified of the vulnerabilities on June 24, July 3 and July 7, Dustin Childs, head of threat awareness for the Zero Day Initiative at Trend Micro, told Reuters Friday. Microsoft first observed exploit attempts on July 7, the company said in the Tuesday blog post. Childs told Reuters that "the likeliest scenario is that someone in the MAPP program used that information to create the exploits." It's not clear which vendor was responsible, Childs said, "but since many of the exploit attempts come from China, it seems reasonable to speculate it was a company in that region." It would not be the first time that a leak from the MAPP program led to a security breach. More than a decade ago, Microsoft accused a Chinese firm, Hangzhou DPTech Technologies Co., Ltd., of breaching its non-disclosure agreement and expelled it from the program. "We recognize that there is the potential for vulnerability information to be misused," Microsoft said in a 2012 blog post, around the time that information first leaked from the program. "In order to limit this as much as possible, we have strong non-disclosure agreements (NDA) with our partners. Microsoft takes breaches of its NDAs very seriously." Any confirmed leak from MAPP would be a blow to the program, which is meant to give cyber defenders the upper hand against hackers who race to parse Microsoft updates for clues on how to develop malicious software that can be used against still-vulnerable users. Launched in 2008, MAPP was meant to give trusted security vendors a head start against the hackers, for example, by supplying them with detailed technical information and, in some cases, "proof of concept" software that mimics the operation of genuine malware. Elevate your knowledge and leadership skills at a cost cheaper than your daily tea. Paid less than plumbers? The real story of freshers' salaries at Infy, TCS. Can medicines inject the vitamins Amazon is missing? Can victims of Jane Street scam be compensated by investor protection funds? We prefer to have idle pilots than grounded planes: Akasa CFO on losses, funding hiccups, Boeing What if Tata Motors buys Iveco's truck unit? Will it propel or drag like JLR? How private ARCs are losing out to a govt-backed firm dealing in bad loans Stock picks of the week: 5 stocks with consistent score improvement and return potential of 13 to 45% in 1 year Short-term valuation headwinds? Yes. Long-term growth potential intact? Yes. Which 'Yes' is more relevant? F&O Radar| Deploy Bull Call Spread in Nifty to gain from a 'buy-on-dips' stance
Borneo Post
09-07-2025
- Borneo Post
Miri man injured after MAPP gas cylinder explodes in home welding incident
Bomba photo shows the items used in the incident. MIRI (July 9): A 34-year-old man sustained injuries after a methyl acetylene propadiene propane (MAPP) gas cylinder exploded in an incident at his house at Jalan Dato Permaisuri 5 here yesterday evening. The Sarawak Fire and Rescue Department (Bomba) Operations Centre said a distress call on the incident was received at 6.45pm. 'Upon receiving the emergency call, a team of 17 firefighters from the Lutong and Lopeng fire stations was immediately dispatched to the location,' Bomba said in a statement. The team arrived at the scene at 6.57pm, where the operation commander confirmed that an explosion had occurred. The explosion happened while the victim was cutting a cylinder valve using a gas welding torch. 'The victim sustained injuries to several parts of his body and was taken to hospital by family members before the arrival of Bomba personnel,' said the statement. Firefighters conducted safety monitoring at the scene and returned to their respective stations after confirming the situation was secure. The operation concluded at 7.15pm. Jalan Dato Permaisuri 5 Lopeng fire station Lutong fire station
