Latest news with #Sharepoint
Time of India
7 days ago
- Time of India
Microsoft warns of ransomware surge in SharePoint server attacks linked to Chinese hackers
Microsoft Sharepoint zero-day vulnerability Microsoft has issued a warring to organisations that are using on-premises SharePoint servers. The tech giant has confirmed that the hackers are exploiting vulnerabilities in its on on-premises SharePoint servers to deploy ransomware. The Microsoft Threat Intelligence team has identified a specific actor, designated Storm-2603 , as being responsible for these new ransomware campaigns. Earlier, the exploration of SharePoint vulnerabilities led of data exfiltration , but the latest observations suggest motivated financial attacks leveraging the Warlock ransomware. Hackers are using the Warlock ransomware to paralyze networks and demand cryptocurrency payments. How the attack works In an updated blog post Microsoft explains that the attack starts with the exploitation of an internet-facing on-premises SharePoint server. This initial breach grants Storm-2603 access to the environment, often facilitated by a payload named Once the hacker gains access they then move ahead and deploy ransomware. Microsoft has confirmed that SharePoint Online is not affected, but on-premises versions—including SharePoint 2016, 2019, and Subscription Edition—remain vulnerable if not patched. Three Chinese state-sponsored groups behind global attack Microsoft identified three China-linked groups—Linen Typhoon, Violet Typhoon, and Storm-2603—as exploiting critical vulnerabilities in SharePoint servers that rendered customers running the software on their own networks vulnerable to attack. The breaches affected organizations across multiple sectors, including government agencies, energy companies, consulting firms, and universities spanning from the US to Europe and the Middle East. No sensitive or classified information was reportedly compromised in the National Nuclear Security Administration breach, according to sources familiar with the matter. The semiautonomous Energy Department arm responsible for producing and dismantling nuclear weapons was targeted alongside other federal agencies including the US Education Department. What organisation should do Microsoft has also shared some guidelines for users to protect their on-premises SharePoint Server environment. The company has asked the users to: - Enable Antimalware Scan Interface (AMSI) integration and deploy Defender AV on all SharePoint servers - If AMSI cannot be enabled, Microsoft recommends disconnecting servers from the internet - Use Defender for Endpoint to detect post-exploit activity and monitor for suspicious file creation like
Forbes
22-07-2025
- Forbes
The Wiretap: Chinese Hackers Exploit Microsoft Sharepoint 0-Day, Google Warns
The Wiretap is your weekly digest of cybersecurity, internet privacy and surveillance news. To get it in your inbox, subscribe here. getty In what's one of the more significant series of cyberattacks in 2025, hackers are targeting a severe weakness in Microsoft's Sharepoint software, which is used by its customers to build and manage shared files. Among the attackers, according to Google security researchers, is a Chinese-affiliated group. Late last week, Microsoft said it was aware of attacks targeting its SharePoint customers who use the system on their own servers. Google said hackers were using the Sharepoint vulnerability to install malware on those servers, which enables them to steal data, including cryptographic keys protecting sensitive information. Though Microsoft has said a fix is available for all affected customers, it's likely many have yet to fully patch their systems. 'It's critical to understand that multiple actors are now actively exploiting this vulnerability,' said Charles Carmakal, CTO of Mandiant Consulting at Google Cloud. 'We fully anticipate that this trend will continue, as various other threat actors, driven by diverse motivations, will leverage this exploit as well.' Carmakal didn't offer much details on which Chinese hackers were targeting the Sharepoint flaws. But according to the Washington Post, the system is commonly used by American federal and state agencies, making fixes that much more urgent. Got a tip on surveillance or cybercrime? Get me on Signal at +1 929-512-7964. THE BIG STORY: Microsoft Used Chinese Engineers For Department of Defense Computers (Photo by NOEL CELIS/AFP via Getty Images) AFP via Getty Images ProPublica has reported on a previously-unknown Microsoft program employing China-based coders to maintain Defense Department systems. The Chinese workers were monitored by low-paid, U.S.-based 'digital escorts,' few of whom had the technical expertise to ensure the system's integrity, the news site reported. There are fears the program may have exposed intelligence to China. Microsoft has since shut the program down. Stories You Have To Read Today Google has filed a lawsuit (PDF) claiming 25 unidentified individuals are running the BadBox botnet, which has compromised as many as 10 million internet-connected TVs that use open source Android software. The tech giant has been given permission to stop the accused from operating certain domains they used to run the botnet. Notting Hill Carnival is going to be using live facial recognition this August in an attempt to identify criminals attending the world-famous event. Privacy activists heavily criticized the move. 'Plans to use this dangerous and discriminatory technology should be immediately scrapped,' said Big Brother Watch interim director Rebecca Vincent. The U.K. government sanctioned three Russian spy units for their part in cyber operations and said it had identified malware developed by Kremlin hackers that had obtained 'persistent endpoint access to Microsoft cloud accounts by blending in with legitimate activity.' Winner of the Week Exein, a cyber startup that's created a 'digital immune system' for connected devices, has announced a $80 million Series C funding round. Founded in Italy, its security tech is aimed at providers of so-called Internet-of-Things devices, from routers to smart TVs. Loser of the Week New Jersey man Navin Khanna has pleaded guilty to running a criminal enterprise that stole thousands of catalytic converters from vehicles and sold them on, making as much as $600 million in the process. Such converters are designed to reduce toxic pollutants from car exhausts. Khanna found he could sell them to a metal refinery that extracted precious metals to make his fortune. More On Forbes Forbes Why JPMorgan Is Hitting Fintechs With Stunning New Fees For Data Access Forbes The Best Places To Retire Abroad In 2025 Forbes Inside America's Top Small Business Bank
New York Post
10-07-2025
- New York Post
Thousands report issues with Microsoft Outlook email in apparent outage
Thousands of users reported issues accessing their Outlook email accounts as Microsoft appeared to suffer an outage Thursday morning. More than 2,100 customers reported trouble with their Outlook accounts by approximately 9:30 a.m. ET, according to Another 250 reported issues across Microsoft 365, which includes office programs like Skype and Sharepoint. Advertisement Thousands of users reported issues accessing their Microsoft Outlook email accounts on Thursday. AP Many complaints reported an inability to log in to Microsoft accounts. Microsoft did not immediately respond to The Post's request for comment.
The Hindu
05-06-2025
- Business
- The Hindu
ChatGPT introduces record mode and connectors with Google Drive and DropBox for enterprises
OpenAI has announced new features for ChatGPT business users including connectors and a recording feature for meetings. Users will be able to connect ChatGPT with DropBox, Sharepoint, OneDrive, Google Drive and Box to look for specific data without leaving ChatGPT. 'For example, a researcher could use the Box connector to quickly retrieve quarterly sales metrics from PDFs or spreadsheets stored in Box. ChatGPT will structure and clearly present the data - and respect your organization's existing permissions on the user level - from those documents, with citations,' the announcement made by the company said. Admins will be able to choose which connectors to enable at the workspace level by hierarchy. Meanwhile, Record mode in ChatGPT helps users record and transcribe meetings, generate clear notes, timestamp citations, and offer AI-powered suggestions. Users will be able to recall past decisions and follow-up actions from documents and saved files and even turn recorded discussions into actionable items as a Canvas document, ChatGPT's interface or writing and coding. Additionally, the beta for deep research connectors is now available with HubSpot, Linear, as well as many popular Microsoft and Google tools. 'These build on Deep Research, an agent that conducts multi-step research for complex tasks, by gathering, synthesizing, and presenting information from third-party tools and the web,' the company stated. Connectors are currently available to all Team, Enterprise, and Edu users. Customers can also use model context protocol (MCP) to connect to other tools for deep research. MCP support will be available to Pro, Team, and Enterprise users.
Forbes
09-04-2025
- Business
- Forbes
Is Microsoft's Straightforward Agent Story Enough To Create More Fans?
Microsoft provided a three-fer announcement last week with respect to its strategy for AI agents. These capabilities are all available in various forms from competitors already; see, for example, the articles I've written on Salesforce and UiPath. So it wasn't any breakthrough functionality that caught my eye. What stuck out for me instead was how each part of Microsoft's announcement was presented in a unified and sensible way. From a customer perspective, it was clear enough where a businessperson could say, 'I'd like to hear more.' It also helped that Microsoft explained and demonstrated each part without using endless terminal windows with multicolored text. Instead, Microsoft was able to leverage its visual development capabilities in Copilot Studio AI (as in the image below). (Note: Microsoft is an advisory client of my firm, Moor Insights & Strategy.) Microsoft announced new capabilities to support different types of agent applications — agentic workflows, deep reasoning workflows and autonomous agents. These cover a wide swath of agent use cases. While some platforms may specialize in one type of these or another, Microsoft is going broad and building from existing features in its Copilot Studio AI development tool. Let's break these down. As the name suggests, an agentic workflow provides a path for an agent to follow to get to a desired end result. In this case, the AI value-add is using language to take inputs from a previous step, interpret them, provide an answer and move to the next step per the workflow rules. This is a very common use case, but not everyone has been very good at making workflow development intuitive. Microsoft has done well with these enhancements, including the ability to use natural language to create, modify and test the workflow, which is presented to the author via an easy-to-understand UI. Deep reasoning models are relatively new and represent a change in how a user interacts with natural language models. These models are more expensive computationally and financially because they take more compute time to 'think' through a particular request and give a more detailed answer. So, there is a tradeoff between costs and complexity from an agent perspective when comparing deep reasoning versus agentic workflows. Microsoft's demo used the very good example of a deep reasoning agent that can develop a response to a complex and unstructured RFP, which would not have been possible using an agentic workflow. Microsoft has also deployed a solution for autonomous agents, which are agents that respond to some specified business trigger. A trigger is a piece of code that is on the lookout for certain business events. Once initiated, the trigger collects information and creates an event-specific prompt called a payload. An example would be the addition of an entry to a database or a document to a Sharepoint folder. The trigger sees the event, creates the payload and runs. These actions seem like a very natural fit for agentic workflows to achieve a high degree of automation for rote tasks needing no human intervention. From a developer's point of view, Microsoft has a good and predictable reputation. The company tends to have strong tooling capabilities and excellent integration with its other products. It's reasonable to say that Microsoft follows the market versus pushing the envelope — but it does a reliable job. There are notable exceptions where Microsoft has been out in front of the industry, for example in its partnership with OpenAI or its major push to get Copilot established in 2023. But in the case of agents, what I see is something more in line with its historical reputation of fast following. For example, the workflow tooling that ServiceNow announced last year is similar to what Microsoft is announcing now. And we have already seen deep reasoning agents from Anthropic in the last few months. That is not a bad thing. When considering agents, you need to consider that a big part of AI monetization will come from the model and where the data for it is stored. This explains Microsoft aggressively laying down an AI foundation with Copilot (and, by the way, investing heavily in data with offerings like Microsoft Fabric). Agents will become important consumers and facilitators of models and data repositories. So, in the case of agents, Microsoft can afford to look to others and follow quickly. I recently published a piece on how Google aimed squarely at the customer of its Customer Experience Suite with its latest product announcement. I get a similar feeling from this Microsoft announcement, so kudos to Microsoft for delivering a clear and understandable perspective on agents and AI that should be easy for enterprises to grasp. That said, I do have a few comments and suggestions as I conclude. First, it would be interesting to see if the user could get some automated guidance about whether an agentic workflow approach or a deep reasoning approach would be better. I mean 'better' from the perspectives of both accuracy and economics. The idea would be that if I used natural language to start creating an agent, Copilot could say which type of agent would be a better fit — but also at what cost. For example, 'This workflow is not very detailed, so a reasoning agent works better, but each time you run this agent it may cost up to three times as much.' Second, it may be hard to create a trigger ecosystem, and that is a genuine concern. Microsoft already has 50 triggers available, and (unsurprisingly) they cater toward the Microsoft product line. So, for instance, there are triggers for Outlook, Sharepoint and Dataverse. However, we are already starting to see momentum for open standards like MCP, which could someday support a similar capability. This may be an area where an open triggering standard could be beneficial. Finally, the demos for this iteration tended to focus on personal productivity. That might be fine for now, but I think that in the future Microsoft could leverage other parts of its portfolio and demonstrate some very powerful capabilities, especially in B2B. I'd love to see something that would further differentiate Microsoft solutions such as Dynamics 365 or Defender from their respective competitors.
