Microsoft says some SharePoint server hackers now use ransomware
Microsoft's server software now involves the deployment of ransomware, Microsoft said in a blog post on July 23.
In the post, citing 'expanded analysis and threat intelligence,' Microsoft said a group it dubs Storm-2603 is using the vulnerability to seed the ransomware, which typically works by paralysing victims' networks until a digital currency payment is made.
The disclosure marks a potential escalation in the campaign, which has already hit at least 400 victims, according to Netherlands-based cybersecurity firm Eye Security. Unlike typical state-backed hacker campaigns, which are aimed at stealing data, ransomware can cause widespread disruption depending on where it lands. The figure of 400 victims represents a sharp rise from the 100 organisations cataloged over the weekend. Eye Security says the figure is likely an undercount.
'There are many more, because not all attack vectors have left artifacts that we could scan for,' said Mr Vaisha Bernard, the chief hacker for Eye Security, which was among the first organisations to flag the breaches.
The details of most of the victim organisations have not yet been fully disclosed, but a representative for the National Institutes of Health confirmed on July 23 that one of the organisation's servers had been compromised.
'Additional servers were isolated as a precaution,' he said. The news of the compromise was first reported by the Washington Post. The spy campaign kicked off after Microsoft failed to fully patch a security hole in its SharePoint server software, kicking off a scramble to fix the vulnerability when it was discovered. Microsoft and its tech rival, Google owner Alphabet, have both said Chinese hackers are among those taking advantage of the flaw. Beijing has denied the claim. REUTERS
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Business Times
a minute ago
- Business Times
Chinese AI firms form alliances to build domestic ecosystem amid US curbs
[SHANGHAI] China's artificial intelligence (AI) companies have announced two new industry alliances, aiming to develop a domestic ecosystem to reduce dependence on foreign tech as they seek to cope with US export restrictions on advanced Nvidia chipsets. The announcements were timed to coincide with the three-day World Artificial Intelligence Conference in Shanghai ending on Monday (Jul 28). The conference also showcased a slew of new products, such as an AI computing system from Huawei that experts believe rivals Nvidia's most advanced offering, as well as consumer-friendly products such as several kinds of digital AI glasses. The 'Model-Chip Ecosystem Innovation Alliance' brings together Chinese developers of large language models (LLMs) and AI chip manufacturers. 'This is an innovative ecosystem that connects the complete technology chain from chips to models to infrastructure,' said Zhao Lidong, CEO of Enflame, one of the participating chipmakers. Other manufacturers of graphics processing units (GPUs) in the alliance include Huawei, Biren, and Moore Threads, which have been hit by US sanctions that block them from purchasing advanced tech made with US know-how. The alliance was announced by StepFun, an LLM developer. BT in your inbox Start and end each day with the latest news stories and analyses delivered straight to your inbox. Sign Up Sign Up A second alliance, the Shanghai General Chamber of Commerce AI Committee, aims to 'promote the deep integration of AI technology and industrial transformation'. Participants include SenseTime, also sanctioned by the US and which has pivoted from facial recognition technology to LLMs. Others are StepFun and another LLM developer, MiniMax, as well as chipmakers Metax and Iluvatar CoreX. One of the most talked about products at the conference was Huawei's CloudMatrix 384 which incorporates 384 of its latest 910C chips and outperforms Nvidia's GB200 NVL72 on some metrics, according to US research firm SemiAnalysis. Huawei's system design capabilities have meant that it has been able to use more chips and system-level innovations to compensate for weaker individual chip performance, SemiAnalysis said. At least six other Chinese computing firms showcased similar 'clustering' chip technology. Metax demonstrated an AI supernode featuring 128 C550 chips designed to support large-scale liquid-cooled data centre requirements. Other events included Tencent's unveiling of its open-source Hunyuan3D World Model 1.0, which the company said enables users to generate interactive 3D environments through text or image prompts. Baidu announced what it said was next-generation 'digital human' technology that helps businesses to create virtual livestreamers. It features 'cloning technology' that can replicate a human's voice, tone, and body language from just 10 minutes of sample footage. Alibaba was among those announcing AI glasses. Its Quark AI Glasses are powered by its Qwen AI model and are due to be released in China by the end of 2025. They will allow users to access the tech giant's map service for easy navigating and to use Alipay by scanning QR codes with voice commands. REUTERS
Straits Times
31 minutes ago
- Straits Times
Trump pauses export controls to bolster China trade deal, FT says
Find out what's new on ST website and app. The industry and security bureau of the Commerce Department, which oversees export controls, has been told to avoid tough moves on China. WASHINGTON - The US has paused curbs on tech exports to China to avoid disrupting trade talks with Beijing and support President Donald Trump's efforts to secure a meeting with President Xi Jinping in 2025, the Financial Times said on July 28. The industry and security bureau of the Commerce Department, which oversees export controls, has been told in recent months to avoid tough moves on China, the newspaper said, citing current and former officials. Reuters could not immediately verify the report. The White House and the department did not respond to Reuters' requests for comment outside business hours. Top US and Chinese economic officials are set to resume talks in Stockholm on July 28 to tackle longstanding economic disputes at the centre of a trade war between the world's top two economies. Tech giant Nvidia said in July it would resume sales of its H20 graphics processing units (GPU) to China, reversing an export curb the Trump administration imposed in April to keep advanced AI chips out of Chinese hands over national security concerns. The planned resumption was part of US negotiations on rare earths and magnets, Commerce Secretary Howard Lutnick has said. Top stories Swipe. Select. Stay informed. Singapore Tanjong Katong sinkhole backfilled; road to be repaved after LTA tests Singapore MRT platform screen doors at 15 underground stations to undergo renewal Singapore 'Medium risk' of severe haze as higher agricultural prices drive deforestation: S'pore researchers Singapore Jail for former pre-school teacher who tripped toddler repeatedly, causing child to bleed from nose Singapore Police statements by doctor in fake vaccine case involving Iris Koh allowed in court: Judge Singapore Authorities say access to Changi intertidal areas unaffected by reclamation, in response to petition Singapore No change to SIA flights between S'pore and Cambodia, S'pore and Thailand, amid border dispute Singapore Not feasible for S'pore to avoid net‑zero; all options to cut energy emissions on table: Tan See Leng The paper said 20 security experts and former officials, including former deputy US national security adviser Matt Pottinger, will write on July 28 to Mr Lutnick to voice concern, however. 'This move represents a strategic misstep that endangers the United States' economic and military edge in artificial intelligence,' they write in the letter, it added. REUTERS
Business Times
an hour ago
- Business Times
McDonald's to sell eight Hong Kong retail spaces valued at HK$1.2 billion: JLL
[HONG KONG] McDonald's is planning to sell eight prime retail properties in Hong Kong with a total market value of around HK$1.2 billion (S$196 million), JLL, which has been appointed as the sole agent of the sale, said on Monday (Jul 28). The McDonald's outlets in the locations will remain operational, JLL executive director of capital markets Eunice Tang said. Hong Kong Economic Times reported earlier on Monday that McDonald's planned to sell all of its 23 retail spaces – valued at nearly HK$3 billion in total – in batches, but it would continue operating in existing locations as tenants, and the sale would not affect its operations in the city. McDonald's has around 256 restaurants in Hong Kong, the report said, many in rented spaces. McDonald's could not be immediately reached for comment. In 2017, Chicago-based McDonald's sold an 80 per cent stake in its mainland Chinese and Hong Kong operations to a group that included Citic, its investment arm Citic Capital, and Carlyle Group for up to US$2.1 billion. But the assets remain under McDonald's. The sale of the eight retail properties is offered through a public tender that ends on Sep 16. JLL said it had already received significant interest from a wide pool of potential investors. All the properties are secured with long-term McDonald's leases, and they are available for purchase either individually or as a portfolio, it added. Overall prime street rents in the first quarter have fallen back to 2003 levels, as Hong Kong's retailers battle shifting consumer habits that have led to a wave of store closures. REUTERS
