Latest news with #TrendMicro
Indian Express
19 hours ago
- Indian Express
Microsoft knew of SharePoint security flaw but failed to effectively patch it, timeline shows
A security patch Microsoft released this month failed to fully fix a critical flaw in the U.S. tech giant's SharePoint server software, opening the door to a sweeping global cyber espionage effort, a timeline reviewed by Reuters shows. On Tuesday, a Microsoft spokesperson confirmed that its initial solution to the flaw, identified at a hacker competition in May, did not work, but added that it released further patches that resolved the issue. It remains unclear who is behind the spy effort, which targeted about 100 organisations over the weekend, and is expected to spread as other hackers join the fray. In a blog post Microsoft said two allegedly Chinese hacking groups, dubbed 'Linen Typhoon' and 'Violet Typhoon,' were exploiting the weaknesses, along with a third, also based in China. Microsoft and Alphabet's Google have said China-linked hackers were probably behind the first wave of hacks. Chinese government-linked operatives are regularly implicated in cyberattacks, but Beijing routinely denies such hacking operations. In an emailed statement, its embassy in Washington said China opposed all forms of cyberattacks, and 'smearing others without solid evidence.' The vulnerability opening the way for the attack was first identified in May at a Berlin hacking competition organised by cybersecurity firm Trend Micro that offered cash bounties for finding computer bugs in popular software. It offered a $100,000 prize for so-called 'zero-day' exploits that leverage previously undisclosed digital weaknesses that could be used against SharePoint, Microsoft's flagship document management and collaboration platform. The U.S. National Nuclear Security Administration, charged with maintaining and designing the nation's cache of nuclear weapons, was among the agencies breached, Bloomberg News said on Tuesday, citing a person with knowledge of the matter. No sensitive or classified information is known to have been compromised, it added. The U.S. Energy Department, the U.S. Cybersecurity and Infrastructure Security Agency, and Microsoft did not immediately respond to Reuters' requests for comment on the report. A researcher for the cybersecurity arm of Viettel, a telecoms firm run by Vietnam's military, identified a SharePoint bug at the May event, dubbed it 'ToolShell' and demonstrated a way to exploit it. The discovery won the researcher an award of $100,000, an X posting by Trend Micro's 'Zero Day Initiative' showed. Participating vendors were responsible for patching and disclosing security flaws in 'an effective and timely manner,' Trend Micro said in a statement. 'Patches will occasionally fail,' it added. 'This has happened with SharePoint in the past.' In a July 8 security update Microsoft said it had identified the bug, listed it as a critical vulnerability, and released patches to fix it. About 10 days later, however, cybersecurity firms started to notice an influx of malicious online activity targeting the same software the bug sought to exploit: SharePoint servers. 'Threat actors subsequently developed exploits that appear to bypass these patches,' British cybersecurity firm Sophos said in a blog post on Monday. The pool of potential ToolShell targets remains vast. Hackers could theoretically have already compromised more than 8,000 servers online, data from search engine Shodan, which helps identify internet-linked equipment, shows. Such servers were in networks ranging from auditors, banks, healthcare companies and major industrial firms to U.S. state-level and international government bodies. The Shadowserver Foundation, which scans the internet for potential digital vulnerabilities, put the number at a little more than 9,000, cautioning that the figure is a minimum. It said most of those affected were in the United States and Germany. Germany's federal office for information security, BSI, said on Tuesday it had found no compromised SharePoint servers in government networks, despite some being vulnerable to the ToolShell attack.
The Hindu
20 hours ago
- Business
- The Hindu
Microsoft knew of SharePoint security flaw but failed to effectively patch it, timeline shows
A security patch released by Microsoft earlier this month failed to fully fix a critical flaw in the U.S. tech company's SharePoint server software that had been identified at a hacking competition in May, opening the door to a sweeping global cyber espionage operation, according to a timeline of events reviewed by Reuters. A Microsoft spokesperson confirmed on Tuesday that its initial solution did not work. The spokesperson added that Microsoft had released further patches that fixed the issue. It remains unclear who is behind the ongoing operation, which targeted around 100 organisations over the weekend and is expected to escalate as other hackers join the fray. Microsoft said in a blog post that two allegedly Chinese hacking groups, dubbed "Linen Typhoon" and "Violet Typhoon," were exploiting the vulnerabilities, along with another China-based hacking group. Microsoft and Alphabet's Google have said that China-linked hackers were likely behind the first wave of hacks. Chinese government-linked operatives are regularly implicated in cyberattacks, but Beijing routinely denies carrying out hacking operations. In an emailed statement, the Chinese embassy in Washington said China opposes all forms of cyberattacks, and "smearing others without solid evidence." The vulnerability that facilitated the attack was first identified in May at a hacking competition in Berlin organised by cybersecurity firm Trend Micro, which offered cash bounties for the discovery of computer bugs in popular software. It offered a $100,000 prize for "zero-day" exploits, which are called that because they leverage previously undisclosed digital weaknesses that could be used against SharePoint, Microsoft's flagship document management and collaboration platform. A researcher working for the cybersecurity arm of Viettel, a telecommunications firm operated by Vietnam's military, identified a SharePoint bug at the event, dubbed it "ToolShell" and demonstrated a method of exploiting it. The researcher was awarded $100,000 for the discovery, according to a post on X by Trend Micro's "Zero Day Initiative." In a statement, Trend Micro said it was the responsibility of vendors participating in its competition to patch and disclose security flaws in "an effective and timely manner." "Patches will occasionally fail. This has happened with SharePoint in the past," the statement said. Microsoft said in a July 8 security update that it had identified the bug, listed it as a critical vulnerability, and released patches to fix it. About 10 days later, however, cybersecurity firms started to notice an influx of malicious online activity targeting the same software the bug sought to exploit: SharePoint servers. "Threat actors subsequently developed exploits that appear to bypass these patches," British cybersecurity firm Sophos said in a blog post on Monday. The pool of potential ToolShell targets remains vast. According to data from Shodan, a search engine that helps identify internet-linked equipment, over 8,000 servers online could theoretically have already been compromised by hackers. Those servers include major industrial firms, banks, auditors, healthcare companies, and several U.S. state-level and international government entities. The Shadowserver Foundation, which scans the internet for potential digital vulnerabilities, put the number at a little more than 9,000, while cautioning that the figure was a minimum. It said most of those affected were in the United States and Germany, and the victims included government organisations. Germany's federal office for information security, BSI, said on Tuesday it had found SharePoint servers within government networks that were vulnerable to the ToolShell attack but none had been compromised.
Time of India
a day ago
- Business
- Time of India
Microsoft knew of SharePoint security flaw but failed to effectively patch it, timeline shows
A Microsoft spokesperson confirmed on Tuesday that its initial solution did not work. The spokesperson added that Microsoft had released further patches that fixed the issue. It remains unclear who is behind the ongoing operation, which targeted around 100 organisations over the weekend and is expected to escalate as other hackers join the fray. Tired of too many ads? Remove Ads Tired of too many ads? Remove Ads A security patch released by Microsoft earlier this month failed to fully fix a critical flaw in the US tech company's SharePoint server software that had been identified at a hacking competition in May, opening the door to a sweeping global cyber espionage operation , according to a timeline of events reviewed by Reuters.A Microsoft spokesperson confirmed on Tuesday that its initial solution did not work. The spokesperson added that Microsoft had released further patches that fixed the issue. It remains unclear who is behind the ongoing operation, which targeted around 100 organisations over the weekend and is expected to escalate as other hackers join the fray. Microsoft said in a blog post that two allegedly Chinese hacking groups , dubbed " Linen Typhoon " and "Violet Typhoon," were exploiting the vulnerabilities, along with another China-based hacking and Alphabet's Google have said that China-linked hackers were likely behind the first wave of hacks. Chinese government-linked operatives are regularly implicated in cyberattacks, but Beijing routinely denies carrying out hacking operations. In an emailed statement, the Chinese embassy in Washington said China opposes all forms of cyberattacks, and "smearing others without solid evidence." The vulnerability that facilitated the attack was first identified in May at a hacking competition in Berlin organised by cybersecurity firm Trend Micro, which offered cash bounties for the discovery of computer bugs in popular offered a $100,000 prize for "zero-day" exploits - which are called that because they leverage previously undisclosed digital weaknesses that could be used against SharePoint, Microsoft's flagship document management and collaboration platform.A researcher working for the cybersecurity arm of Viettel, a telecommunications firm operated by Vietnam's military, identified a SharePoint bug at the event, dubbed it "ToolShell" and demonstrated a method of exploiting it. The researcher was awarded $100,000 for the discovery, according to a post on X by Trend Micro's "Zero Day Initiative."In a statement, Trend Micro said it was the responsibility of vendors participating in its competition to patch and disclose security flaws in "an effective and timely manner." "Patches will occasionally fail. This has happened with SharePoint in the past," the statement said. Microsoft said in a July 8 security update that it had identified the bug, listed it as a critical vulnerability, and released patches to fix 10 days later, however, cybersecurity firms started to notice an influx of malicious online activity targeting the same software the bug sought to exploit: SharePoint servers. "Threat actors subsequently developed exploits that appear to bypass these patches," British cybersecurity firm Sophos said in a blog post on pool of potential ToolShell targets remains to data from Shodan, a search engine that helps identify internet-linked equipment, over 8,000 servers online could theoretically have already been compromised by servers include major industrial firms, banks, auditors, healthcare companies, and several U.S. state-level and international government Shadowserver Foundation, which scans the internet for potential digital vulnerabilities, put the number at a little more than 9,000, while cautioning that the figure was a minimum. It said most of those affected were in the United States and Germany, and the victims included government organisations. Germany's federal office for information security, BSI, said on Tuesday it had found SharePoint servers within government networks that were vulnerable to the ToolShell attack but none had been compromised.
Time of India
a day ago
- Business
- Time of India
Microsoft knew of SharePoint server exploit but failed to effectively patch it
By James Pearson LONDON: A security patch released by Microsoft last month failed to fully fix a critical flaw in U.S. tech giant's SharePoint server software that had been identified in May, opening the door to a sweeping global cyber espionage operation. It remains unclear who is behind the ongoing operation, which targeted around 100 organisations over the weekend. But Alphabet's Google, which has visibility into wide swathes of internet traffic, said it tied at least some of the hacks to a "China-nexus threat actor". The Chinese Embassy in Washington did not respond to a Reuters request for comment. Chinese government-linked operatives are regularly implicated in cyberattacks, but Beijing routinely denies carrying out hacking operations. Contacted on Tuesday, Microsoft was not immediately able to provide comment on the patch and its effectiveness. The vulnerability that facilitated the attack was first identified in May at a hacking competition in Berlin organised by cybersecurity firm Trend Micro , which offered cash bounties for the discovery of computer bugs in popular software. It offered a $100,000 prize for "zero day" exploits - so called because they leverage previously undisclosed digital weaknesses - that could be used against SharePoint, Microsoft's flagship document management and collaboration platform. A researcher working for the cybersecurity arm of Viettel, a telecommunications firm operated by Vietnam's military, identified a SharePoint bug at the event, dubbed it 'ToolShell' and demonstrated a method of exploiting it. The researcher was awarded $100,000 for the discovery, according to a post on X by Trend Micro's "Zero Day Initiative". A spokesperson for Trend Micro did not immediately respond to Reuters' requests for comment regarding the competition on Tuesday. Microsoft subsequently said in a July 8 security update that it had identified the bug, listed it as a critical vulnerability, and released patches to fix it. Around 10 days later, however, cybersecurity firms started to notice an influx of malicious online activity targeting the same software the bug sought to exploit: SharePoint servers. "Threat actors subsequently developed exploits that appear to bypass these patches," British cybersecurity firm Sophos said in a blog post on Monday. The pool of potential ToolShell targets remains vast. According to data from Shodan, a search engine that helps to identify internet-linked equipment, over 8,000 servers online could theoretically have already been compromised by hackers. The Shadowserver Foundation, which scans the internet for potential digital vulnerabilities, put the number at a little more than 9,000, while cautioning that the figure was a minimum. Those servers include major industrial firms, banks, auditors, healthcare companies, and several U.S. state-level and international government entities.
Yahoo
a day ago
- Business
- Yahoo
Microsoft knew of SharePoint server exploit but failed to effectively patch it
By James Pearson LONDON (Reuters) -A security patch released by Microsoft (MSFT) last month failed to fully fix a critical flaw in U.S. tech giant's SharePoint server software that had been identified in May, opening the door to a sweeping global cyber espionage operation. It remains unclear who is behind the ongoing operation, which targeted around 100 organisations over the weekend. But Alphabet's Google, which has visibility into wide swathes of internet traffic, said it tied at least some of the hacks to a "China-nexus threat actor". The Chinese Embassy in Washington did not respond to a Reuters request for comment. Chinese government-linked operatives are regularly implicated in cyberattacks, but Beijing routinely denies carrying out hacking operations. Contacted on Tuesday, Microsoft was not immediately able to provide comment on the patch and its effectiveness. The vulnerability that facilitated the attack was first identified in May at a hacking competition in Berlin organised by cybersecurity firm Trend Micro, which offered cash bounties for the discovery of computer bugs in popular software. It offered a $100,000 prize for "zero day" exploits - so called because they leverage previously undisclosed digital weaknesses - that could be used against SharePoint, Microsoft's flagship document management and collaboration platform. A researcher working for the cybersecurity arm of Viettel, a telecommunications firm operated by Vietnam's military, identified a SharePoint bug at the event, dubbed it 'ToolShell' and demonstrated a method of exploiting it. The researcher was awarded $100,000 for the discovery, according to a post on X by Trend Micro's "Zero Day Initiative". A spokesperson for Trend Micro did not immediately respond to Reuters' requests for comment regarding the competition on Tuesday. Microsoft subsequently said in a July 8 security update that it had identified the bug, listed it as a critical vulnerability, and released patches to fix it. Around 10 days later, however, cybersecurity firms started to notice an influx of malicious online activity targeting the same software the bug sought to exploit: SharePoint servers. "Threat actors subsequently developed exploits that appear to bypass these patches," British cybersecurity firm Sophos said in a blog post on Monday. The pool of potential ToolShell targets remains vast. According to data from Shodan, a search engine that helps to identify internet-linked equipment, over 8,000 servers online could theoretically have already been compromised by hackers. The Shadowserver Foundation, which scans the internet for potential digital vulnerabilities, put the number at a little more than 9,000, while cautioning that the figure was a minimum. Those servers include major industrial firms, banks, auditors, healthcare companies, and several U.S. state-level and international government entities. Sign up for Yahoo Finance's Week in Tech By subscribing, you are agreeing to Yahoo's Terms and Privacy Policy Sign in to access your portfolio
