Latest news with #VaishaBernard

Business Insider
6 days ago
- Business
- Business Insider
Microsoft server hack hits South African treasury, companies, and university
Several organisations in South Africa have fallen victim to a global cyberattack that exploited a vulnerability in Microsoft Corp.'s SharePoint servers. A global cyberattack has targeted Microsoft SharePoint server vulnerabilities, affecting 400 entities worldwide. Victims of the attack include government agencies, corporations, and educational institutions, with some cases reported in South Africa. South Africa's National Treasury detected malware in its infrastructure but confirmed no system disruptions. The Dutch company, which detected the initial wave of breaches last week, said hackers have compromised around 400 entities worldwide, including government agencies, corporations, and other institutions. The actual number of affected organisations may be significantly higher. While the United States accounted for the majority of the breaches, Mauritius, Jordan, South Africa, and the Netherlands also reported a notable number of victims, Bloomberg reported. 'We never name individual victims, but can share that in South Africa we've seen an organisation in the car-manufacturing industry, a university, several local-government entities and a federal government entity,' Eye Security co-owner Vaisha Bernard said. He added that two additional, unnamed organisations have also been compromised. Details of the attack have been shared with South Africa's Computer Security Incident Response Team (CSIRT) for further investigation. Treasury confirms malware infection South Africa's National Treasury has confirmed that it is working with Microsoft Corp. after detecting malware on one of its systems. The infection was found on its Infrastructure Reporting Model website, the Treasury said in a statement. The incident comes amid a broader wave of cyberattacks exploiting vulnerabilities in Microsoft's SharePoint servers. The platform is widely used in South Africa by both public and private institutions for document collaboration and storage. Many organisations host SharePoint on-premises to maintain control and add layers of security, ironically, the very setup now being targeted by attackers.


Free Malaysia Today
7 days ago
- Free Malaysia Today
Researchers say Microsoft server hack has now hit 400 victims
Microsoft says Chinese hackers are among those taking advantage of the flaw. (AP pic) WASHINGTON : A sweeping cyber-espionage campaign organisation centred on vulnerable versions of Microsoft's server software has now claimed about 400 victims, according to researchers at Netherlands-based Eye Security. The figure, which is derived from a count of digital artefacts discovered during scans of servers running vulnerable versions of Microsoft's SharePoint software, compares to 100 organisations catalogued over the weekend. Eye Security says the figure is likely an undercount. 'There are many more, because not all attack vectors have left artefacts that we could scan for,' said Vaisha Bernard, the chief hacker for Eye Security, which was among the first organisations to flag the breaches. The spy campaign kicked off after Microsoft failed to fully patch a security hole in its SharePoint server software, kicking off a scramble to fix the vulnerability when it was discovered. Microsoft and its tech rival, Google owner Alphabet, have both said Chinese hackers are among those taking advantage of the flaw. Beijing has denied the claim. The details of most of the victim organisations have not yet been fully disclosed. Bernard declined to identify them.


Dubai Eye
7 days ago
- Dubai Eye
Microsoft says some SharePoint server hackers now using ransomware
A cyber-espionage campaign centered on vulnerable versions of Microsoft's MSFT.O server software now involves the deployment of ransomware, Microsoft said in a late Wednesday blog post. In the post, citing "expanded analysis and threat intelligence," Microsoft said a group it dubs "Storm-2603" is using the vulnerability to seed the ransomware, which typically works by paralyzing victims' networks until a digital currency payment is made. The disclosure marks a potential escalation in the campaign, which has already hit at least 400 victims, according to Netherlands-based cybersecurity firm Eye Security. Unlike typical state-backed hacker campaigns, which are aimed at stealing data, ransomware can cause widespread disruption depending on where it lands. The figure of 400 victims represents a sharp rise from the 100 organizations cataloged over the weekend. Eye Security says the figure is likely an undercount. "There are many more, because not all attack vectors have left artifacts that we could scan for," said Vaisha Bernard, the chief hacker for Eye Security, which was among the first organizations to flag the breaches. The details of most of the victim organizations have not yet been fully disclosed, but on Wednesday a representative for the National Institutes of Health confirmed that one of the organization's servers had been compromised. "Additional servers were isolated as a precaution," he said. The news of the compromise was first reported by the Washington Post. Other outlets said the hacking campaign had breached an even broader range of U.S. agencies. NextGov, citing multiple people familiar with the matter, reported the Department of Homeland Security had been hit, along with more than five to 12 other agencies. Politico, which cited two U.S. officials, said multiple agencies were believed to have been breached. DHS' cyberdefense arm, CISA, did not immediately return a message seeking comment on the reports. Microsoft did not immediately return a message seeking further details on the ransomware angle of the hacking or the reported government victims. The spy campaign began after Microsoft failed to fully patch a security hole in its SharePoint server software, kicking off a scramble to fix the vulnerability when it was discovered. Microsoft and its tech rival, Google-owner Alphabet GOOGL.O, have both said Chinese hackers are among those taking advantage of the flaw. Beijing has denied the claim.


Economic Times
7 days ago
- Politics
- Economic Times
Microsoft says some SharePoint server hackers now use ransomware
Agencies A cyber-espionage campaign centered on vulnerable versions of Microsoft's server software now involves the deployment of ransomware, Microsoft said in a late Wednesday blog the post, citing "expanded analysis and threat intelligence," Microsoft said a group it dubs "Storm-2603" is using the vulnerability to seed the ransomware, which typically works by paralyzing victims' networks until a digital currency payment is made. The disclosure marks a potential escalation in the campaign, which has already hit at least 400 victims, according to Netherlands-based cybersecurity firm Eye Security. Unlike typical state-backed hacker campaigns, which are aimed at stealing data, ransomware can cause widespread disruption depending on where it lands. The figure of 400 victims represents a sharp rise from the 100 organizations cataloged over the weekend. Eye Security says the figure is likely an undercount."There are many more, because not all attack vectors have left artifacts that we could scan for," said Vaisha Bernard, the chief hacker for Eye Security, which was among the first organizations to flag the details of most of the victim organizations have not yet been fully disclosed, but on Wednesday a representative for the National Institutes of Health confirmed that one of the organization's servers had been compromised."Additional servers were isolated as a precaution," he said. The news of the compromise was first reported by the Washington outlets said the hacking campaign had breached an even broader range of U.S. agencies. NextGov, citing multiple people familiar with the matter, reported the Department of Homeland Security had been hit, along with more than five to 12 other which cited two U.S. officials, said multiple agencies were believed to have been cyberdefense arm, CISA, did not immediately return a message seeking comment on the reports. Microsoft did not immediately return a message seeking further details on the ransomware angle of the hacking or the reported government victims. The spy campaign began after Microsoft failed to fully patch a security hole in its SharePoint server software, kicking off a scramble to fix the vulnerability when it was discovered. Microsoft and its tech rival, Google-owner Alphabet , have both said Chinese hackers are among those taking advantage of the flaw. Beijing has denied the claim. Elevate your knowledge and leadership skills at a cost cheaper than your daily tea. Can victims of Jane Street scam be compensated by investor protection funds? Did the likes of TCS, Infosys, Wipro let India down in AI race? How India's oil arbitrage has hit the European sanctions wall Apple has a new Indian-American COO. What it needs might be a new CEO. Stock Radar: Tata Chemicals breaks out from 1-month consolidation; time to buy the dip? Power sector companies: Will they be able to outperform? 5 power stocks with an upside potential ranging from 6 to 29% For risk-takers with long-term perspective: 7 mid-cap stocks from different sectors with upside potential of over 26% Multibagger or IBC - Part 16: Regulatory tailwind turns compliance into cash. This auto ancillary could be a winner
Business Times
7 days ago
- Business Times
Microsoft says some SharePoint server hackers now using ransomware
[WASHINGTON] A cyber-espionage campaign centred on vulnerable versions of Microsoft's server software now involves the deployment of ransomware, Microsoft said in a late Wednesday (Jul 23) blog post. In the post, citing 'expanded analysis and threat intelligence', Microsoft said a group it dubs 'Storm-2603' is using the vulnerability to seed the ransomware, which typically works by paralysing victims' networks until a digital currency payment is made. The disclosure marks a potential escalation in the campaign, which has already hit at least 400 victims, according to Netherlands-based cybersecurity firm Eye Security. Unlike typical state-backed hacker campaigns, which are aimed at stealing data, ransomware can cause widespread disruption depending on where it lands. The figure of 400 victims represents a sharp rise from the 100 organisations catalogued over the weekend. Eye Security says the figure is likely an undercount. 'There are many more, because not all attack vectors have left artifacts that we could scan for,' said Vaisha Bernard, the chief hacker for Eye Security, which was among the first organisations to flag the breaches. The details of most of the victim organisations have not yet been fully disclosed, but on Wednesday, a representative for the National Institutes of Health confirmed that one of the organisation's servers had been compromised. BT in your inbox Start and end each day with the latest news stories and analyses delivered straight to your inbox. Sign Up Sign Up 'Additional servers were isolated as a precaution,' he said. The news of the compromise was first reported by The Washington Post. Other outlets said the hacking campaign had breached an even broader range of US agencies. NextGov, citing multiple people familiar with the matter, reported the Department of Homeland Security (DHS) had been hit, along with more than five to 12 other agencies. Politico, which cited two US officials, said multiple agencies were believed to have been breached. DHS' cyberdefense arm, Cisa, did not immediately return a message seeking comment on the reports. Microsoft did not immediately return a message seeking further details on the ransomware angle of the hacking or the reported government victims. The spy campaign began after Microsoft failed to fully patch a security hole in its SharePoint server software, kicking off a scramble to fix the vulnerability when it was discovered. Microsoft and its tech rival, Google-owner Alphabet, have both said Chinese hackers are among those taking advantage of the flaw. Beijing has denied the claim. REUTERS