Hackers exploiting SharePoint zero-day seen targeting government agencies
Over the weekend U.S. cybersecurity agency CISA published an alert, warning that hackers were exploiting a previously unknown bug — known as a 'zero-day' — in Microsoft's enterprise data management product SharePoint. While it's still early to draw definitive conclusions, it appears that the hackers who first started abusing this flaw were targeting government organizations, according to Silas Cutler, the principal researcher at Censys, a cybersecurity firm that monitors hacking activities on the internet.
'It looks like initial exploitation was against a narrow set of targets,' Cutler told TechCrunch. 'Likely government related.'
'This is a fairly rapidly evolving case. Initial exploitation of this vulnerability was likely fairly limited in terms of targeting, but as more attackers learn to replicate exploitation, we will likely see breaches as a result of this incident,' said Cutler.
Do you have more information about these SharePoint attacks? We'd love to hear from you. From a non-work device and network, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram and Keybase @lorenzofb, or email.
Now that the vulnerability is out there, and still not fully patched by Microsoft, it's possible other hackers that are not necessarily working for a government will join in and start abusing it, Cutler said.
Cutler added that he and his colleagues are seeing between 9,000 and 10,000 vulnerable SharePoint instances accessible from the internet, but that could change. Eye Security, which first published the existence of the bug, reported seeing a similar number, saying its researchers scanned more than 8,000 SharePoint servers worldwide and found evidence of dozens of compromised servers.
Given the limited number of targets and the types of targets at the beginning of the campaign, Cutler explained, it is likely that the hackers were part of a government group, commonly known as an advanced persistent threat.
The Washington Post reported on Sunday that the attacks targeted U.S. federal and state agencies, as well as universities and energy companies, among other commercial targets.
Microsoft said in a blog post that the vulnerability only affects versions of SharePoint that are installed on local networks, and not the cloud versions, which means that each organization that deploys a SharePoint server needs to apply the patch, or disconnect it from the internet.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Yahoo
27 minutes ago
- Yahoo
Microsoft Corporation (MSFT): CEO's 'The Fist With The Velvet Glove,' Says Jim Cramer
We recently published . Microsoft Corporation (NASDAQ:MSFT) is one of the stocks Jim Cramer recently discussed. Software giant Microsoft Corporation (NASDAQ:MSFT) has had quite a time on the stock market in 2025. Its shares have gained 22.4% year-to-date as the firm has successfully managed to demonstrate the profitability of its AI and cloud businesses to investors. Microsoft Corporation (NASDAQ:MSFT) was under a bit of fire lately after its SharePoint service was hacked earlier this month. Cramer discussed the event and wondered whether taking a hard stance against Microsoft Corporation (NASDAQ:MSFT) could spell trouble. This time around, he discussed the firm in the context of a memo from CEO Satya Nadella discussing AI-led efficiency-driven layoffs and whether it would normalize the narrative of Silicon Valley laying off workers to streamline business: '[On Nadella's memo about layoffs] I've got to tell you, Nadella is, he is the fist with the velvet glove. He's so tough. I mean. You know people talk about Zuckerberg being tough, Zuckerberg's like giving out contracts that, you know, it's like Boilla, he's like giving out Bonilla contracts. He's giving lifetime contracts.' Copyright: rawpixel / 123RF Stock Photo Here are Cramer's previous comments about Microsoft Corporation (NASDAQ:MSFT): 'But I do say when I read that [Microsoft SharePoint attack] my first thought was, come one Microsoft, will you cut it out? Will you get your. . software better? Partner again with Crowdstrike or something. This is embarrassing.' While we acknowledge the potential of MSFT as an investment, our conviction lies in the belief that some AI stocks hold greater promise for delivering higher returns and have limited downside risk. If you are looking for an extremely cheap AI stock that is also a major beneficiary of Trump tariffs and onshoring, see our free report on the . READ NEXT: 30 Stocks That Should Double in 3 Years and 11 Hidden AI Stocks to Buy Right Now. Disclosure: None. This article is originally published at Insider Monkey. Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
Yahoo
27 minutes ago
- Yahoo
What Trump's tariff hikes could mean for Apple & Amazon
It's been a busy week for Big Tech earnings, with results from Amazon (AMZN), Apple (AAPL), Microsoft (MSFT), and Meta (META). Yahoo Finance Senior Reporter Brooke DiPalma, Principal Asset Management chief global strategist Seema Shah, and Yahoo Finance Senior Business Reporter Ines Ferré join Opening Bid host Brian Sozzi to discuss the newest tariff headlines in relation to Big Tech. To watch more expert insights and analysis on the latest market action, check out more Opening Bid. I was listening to Tim Cook on that earnings call last night and I was laughing to myself in the sense I'm he's talking about a 1.1 billion dollar hit from tariffs this quarter and my thought was while the market's going to completely ignore this. But maybe they shouldn't. Uh that is over a billion dollar hit because of tariffs. And I think it says everything as to why we got this bad jobs report and why stocks are being sold off. Yeah, we are getting more commentaries from companies regarding the hit that they will be taking with respect to tariffs. I mean, we have seen this already with the automakers and we are now seeing it with Apple with them expecting to take an even bigger tariff as you just mentioned for the next quarter. Look, as far as Amazon's concerned as well, Andy Jassy talking about the sort of the lack of clarity where all of these tariffs all of these tariffs will land and especially with China. I think that these are big questions for companies. They are trying to sort this. Wall Street has believed so far that this is manageable as we do see these deals that have been coming through, but nevertheless, uh the impact, the longer term or or or midterm impact that these will be having, we are starting to hear more and more commentary from these CEOs about that impact. And uh Brooke, I loved how Andy Jassy, of course, the Amazon CEO just hopped on that call, uh didn't really acknowledge that they may or may not be raising prices, said tariffs, they're out there, maybe they're hurting us, maybe they're not, we're not going to tell you Wall Street on this call. But what caught my attention was, while the revenue accelerated for Amazon web services, the margins were under pressure a little bit, and the street generally does not like the numbers from that key cloud business, and that's why the stocks under pressure. Yeah, certainly. When you compare what we saw with Amazon's web services and you take what we saw, the strength that we saw for both Microsoft and Meta, that certainly put Amazon's web service into question especially when it came to that Q3 operating income guidance and that certainly put pressure on the street. And if you take a look now in these early hours of trading, we're seeing Amazon down even more, down more than 6%. And if you take a look at the week that we've had so far leading up to this report, we saw some momentum for Amazon, some optimism after we heard from both Microsoft and Meta that this cloud, this web services would perform well. And then what we saw is that major sell off after Thursday now and this open, but this is a completely different story. You look at Microsoft and you see this ongoing momentum. Of course, down a little bit under pressure this morning, based on the jobs report. We also got the latest tariff news, but same for meta, this ongoing momentum, really showing that AI cloud, you have to win in this game, you have to outperform your peers, and that's the story that played out overnight. Real quick, uh 30 seconds in my last word to you. Uh what are you inclined to do if one is uh over allocated to big cap tech stocks uh after this earning season? I mean is it do you stay long until end of the year or do you lighten load a little bit? No, I think you need to stay in this. I mean look, companies, any company which has exposure to international supply chains is going to be feeling the headwinds of tariffs. The thing that you want to be focused on is which is a company which has got the strong balance sheet, the cash flow, etc. which is able to withstand and deal with those headwinds, and I think that still points to some of these these big tech firms. AI is still going to be the frontier of productivity growth in the future and I think it's it's really important that investors is looking through some of the tariff noise and looking at that long-run balance sheet strength.
Yahoo
37 minutes ago
- Yahoo
The AI Race Has Big Tech Spending $344 Billion This Year
(Bloomberg) -- If there's any lesson to take from the spending plans issued by the world's largest technology companies over the past two weeks, it's to never underestimate the fear of missing out. The World's Data Center Capital Has Residents Surrounded An Abandoned Art-Deco Landmark in Buffalo Awaits Revival We Should All Be Biking Along the Beach Budapest's Most Historic Site Gets a Controversial Rebuild San Francisco in Talks With Vanderbilt for Downtown Campus Microsoft Corp., which set a $24.2 billion capital spending record last quarter, plans to drop upwards of $30 billion in the current period. Inc. similarly spent $31.4 billion last quarter, almost double what it dropped a year ago, and is maintaining that level of investment. Google owner Alphabet Inc. raised its capital expenditures guidance this year to $85 billion. Then there's Meta Platforms Inc.: The social networking giant lifted the low end of its forecast for 2025 capital expenditures and projected that costs will continue to grow at an even faster pace next year. Altogether, the four companies are expected to spend more than $344 billion for the year, with much of it going to the data centers necessary to run AI models. 'We've basically tripled capex investment in cloud due to AI,' Bloomberg Intelligence analyst Mandeep Singh said. The emphasis from virtually every company executive during this earnings season was on investing as quickly as possible to get ahead. 'We need the teams to execute at their very best to get the capacity in place as quickly and effectively as they can,' Microsoft Chief Financial Officer Amy Hood told analysts in a call Wednesday. Susan Li, Meta's CFO, said the goal of its own spend is to secure the advantage 'in developing the best AI models.' Wall Street's response has been mixed. Meta was rewarded — in large part because the company posted a strong second-quarter sales beat and issued a rosy revenue forecast, signaling that the billions it's spending on AI are paying off. 'On advertising, the strong performance this quarter is largely thanks to AI unlocking greater efficiency and gains across our ad system,' Chief Executive Officer Mark Zuckerberg said on an analyst call. Zuckerberg has plans to build several massive data centers and has been luring top AI researchers with compensation packages valued at hundreds of millions of dollars. The company recently restructured its internal AI division, now referred to as Meta Superintelligence Labs, in an effort to build human-level AI capabilities and apply that technology across its products. Shares of the company have gained more than 8% since it reported earnings on Wednesday. Amazon, on the other hand, failed to convince investors that its lavish spending has been worth it. The stock was down as much as 8.1% on Friday after the company reported tepid sales from its cloud division. The results were 'especially disappointing' given the strong performance from Google's and Microsoft's own cloud services, according to Bloomberg Intelligence. And the ongoing capital costs won't help. The operating margin for Amazon's cloud unit will continue to face pressure 'through 2026 as capital spending ramps up,' BI analysts Poonam Goyal and Anurag Rana said. Alphabet's shares are essentially unchanged from last week when it reported earnings and issued guidance. The company raised its capital expenditures outlook by $10 billion and expects to ramp up spending even more in 2026. Chief Executive Officer Sundar Pichai explained that the investments are necessary to keep up with customer demand. 'Obviously, we are seeing strong momentum across our portfolio, and especially in cloud,' Pichai told analysts in a call on July 23. 'It's a tight supply environment, and we are investing more to expand.' Nikhil Lai, an analyst at Forrester, put it another way: If Google wants to keep up with rivals, he said, it has little choice but to follow suit: 'Google's hand is forced by OpenAI to spend tremendously on AI's infrastructure and applications.' Microsoft tied its AI investments directly to a 39% jump in sales for its Azure cloud-computing division, which came in ahead of analysts' estimates. 'We continue to lead the AI infrastructure wave and took share every quarter this year,' Chief Executive Officer Satya Nadella said in a call with analysts on July 30. 'In Microsoft's case, the returns are good,' Gil Luria, an analyst with DA Davidson & Co., said in an interview. The only question now is whether Microsoft's customers are in turn seeing a decent return on investment, he said. 'That's where the test will be,' he said. 'If they don't, they're not going to increase that spend next year.' Apple Inc.'s capital plans pale in comparison to its big tech peers. But the iPhone maker did raise its spending estimates, tying much of the increase to AI efforts. Apple's property, plant and equipment investments totaled $9.47 billion in the nine months ended June 28, up nearly 45% from a year ago. 'You are going to continue to see our capex grow,' Chief Financial Officer Kevan Parekh told analysts on Thursday. 'It's not going to be exponential growth, but it is going to grow, substantially. And a lot of that's a function of the investments we're making in AI.' --With assistance from Nick Turner. (Adds chart after fourth paragraph and detail on Apple's spending in the second to last paragraph) How Podcast-Obsessed Tech Investors Made a New Media Industry Russia Builds a New Web Around Kremlin's Handpicked Super App Everyone Loves to Hate Wind Power. Scotland Found a Way to Make It Pay Off It's Not Just Tokyo and Kyoto: Tourists Descend on Rural Japan Cage-Free Eggs Are Booming in the US, Despite Cost and Trump's Efforts ©2025 Bloomberg L.P. Sign in to access your portfolio
