Explained: 10000-plus companies at risk and …, what makes the Microsoft SharePoint attack very dangerous right now
is scrambling to contain a widespread cyberattack targeting
SharePoint
servers worldwide, with cybersecurity experts warning that over 10,000 companies could be at risk.
Tired of too many ads? go ad free now
The software giant confirmed that hackers are actively exploiting previously unknown security flaws in on-premises SharePoint servers used by government agencies, universities, and major corporations to share internal documents.
The Cybersecurity and Infrastructure Security Agency (
CISA
) added the vulnerability to its Known Exploited Vulnerability catalog on Saturday, giving federal agencies just one day to apply patches once they become available.
"These exploits are real, in-the-wild, and pose a serious threat," warned Palo Alto Networks, while Google's Threat Intelligence Group confirmed observing active exploitation attempts.
Dutch cybersecurity firm Eye Security first detected the attacks on July 18th and reports that at least 85 SharePoint servers across 54 organizations have already been compromised. Among the victims are a California university, energy companies, federal health organizations, and government entities in Florida and New York.
Microsoft Sharepoint's zero-day exploits leave tens and thousands of organisations vulnerable
The attack leverages what's known as a "zero-day" vulnerability – a security flaw unknown to software makers until it's actively exploited by hackers. Cybersecurity researchers estimate that over 10,000 companies with SharePoint servers are potentially at risk, with the United States, Netherlands, United Kingdom, and Canada having the highest concentrations of vulnerable systems.
"It's a dream for ransomware operators, and a lot of attackers are going to be working this weekend as well," said Silas Cutler, a researcher at Michigan-based Censys.
Tired of too many ads? go ad free now
The vulnerability allows hackers to access file systems, steal sensitive configurations, and execute malicious code across networks without authentication.
The attackers are using a technique called "ToolShell" that was originally demonstrated at the
Pwn2Own security conference
. They upload malicious files to steal critical server keys, then use these stolen credentials to create valid access tokens that bypass security measures entirely.
Government agencies among primary targets in Microsoft Sharepoint attack
Federal and state agencies appear to be prime targets in this campaign, with the FBI confirming it's "aware of the matter" and working with government and private sector partners to assess the threat. The Washington Post reported that the breach has affected multiple U.S. agencies, though specific details remain classified for security reasons.
CISA's Acting Executive Assistant Director for Cybersecurity Chris Butera emphasized the urgency: "Microsoft is responding quickly, and we are working with the company to help notify potentially impacted entities about recommended mitigations.
CISA encourages all organizations with on-premise Microsoft SharePoint servers to take immediate recommended action."
Organizations can detect if they've been compromised by checking for suspicious files named "spinstall0.aspx" on their servers or unusual network activity from specific IP addresses that security firms have identified as attack sources.
Microsoft releases emergency updates
Microsoft has released emergency security updates for SharePoint 2019 and Subscription Edition servers, with a patch for SharePoint 2016 expected soon.
The company recommends that organizations unable to immediately apply updates should disconnect their SharePoint servers from the internet until patches can be installed.
For additional protection, Microsoft advises enabling its Antimalware Scan Interface (AMSI) feature and deploying Windows Defender Antivirus on all SharePoint servers. Organizations should also rotate their server security keys after applying patches to prevent further unauthorized access.
This incident adds to Microsoft's recent cybersecurity challenges, including Chinese hacker attacks earlier this year and criticism from the White House's Cyber Safety Review Board, which called the company's security culture "inadequate" following previous breaches.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Indian Express
12 minutes ago
- Indian Express
Hindustan Zinc pays out as dividend more than it earns, alleges US research firm Viceroy
US-based Viceroy Research has alleged that Hindustan Zinc Ltd (HZL), belonging to the Vedanta group led by Anil Agarwal, has paid out far more in dividends than it earned, purportedly borrowing to make up the shortfall. The research house has estimated a shortfall in free cash flow (FCF) of HZL — once a public sector firm — in the first quarter ended June 2025 to be around Rs 3,600 crore ($371m). 'HZL CFO Sandeep Modi's 'Rs 10,000 crore ($1.17b) free cash flow' claim collapses under scrutiny. Cash flows are subsidized by debt. If HZL's dividend remains the same as last year, we estimate HZL will incur an annual FCF shortfall of at least Rs 5,000 crore ($580m) and must be funded by more debt,' it said. When contacted, HZL spokesperson said. 'the Viceroy report is a combination of selective misinformation and baseless allegations. All resolutions are detailed and part of Board undertakings which are taken to them after rigorous due diligence. In the past 20 years the company's zinc production capacity has grown more than 4 times and silver by 20 times.' 'Hindustan Zinc is steered through a stringent governance framework wherein all matters are taken to the Board and this process is followed for all proposals,' HZL said. Viceroy alleged that HZL has not generated Rs 10,000 crore in FCF since 2023, at which point FCF has fallen sequentially. On an annualized run rate: we expect HZL FCF at Rs 7,000 crore. In FY 23, during a short commodities rally post covid, HZL generated Rs 12,000 crore FCF, and paid Rs 31,000 crore in dividends, accruing an enormous deficit. Leverage increased sharply vs Q1 2024, with the debt-equity ratio rising from 0.8x to 1.2x. FCF represents the amount of cash a business generates after accounting for capital expenditures needed to maintain or expand its asset base. In simpler terms, it's the cash left over after a company pays for its operating expenses and investments in equipment, property, or other assets. Vedanta acquired HZL from the government in 2002. Disclosures suggest HZL incurred Rs 2,000 crore ($232m) of new debt in the June quarter of FY26. HZL's auditor, SR Batliboi, failed to investigate material concerns, relying entirely on management assertions while the company's capital base deteriorated and governance collapsed, Viceroy alleged. HZL spokesperson said it has become the world's largest integrated zinc producer and is amongst the top 5 primary silver producers. 'It has created immense stakeholder value through increase in market cap by more than 500 times, in addition to dividends to shareholders and exchequer contribution. HZL contributes nearly 35 percent of the declared dividend to the government treasury, including dividend to government and tax deducted at source (TDS),' he said. According to HZL, this quarter amidst commodity headwinds the company delivered beyond market expectations and registered record high first quarter mined metal production and lowest cost of production. In FY25, the company clocked its second-best profit, up 33% YoY. Hindustan Zinc's bank facilities and debt programmes are Crisil AAA rated highlighting our efficient & integrated operations, and strong financial risk profile. And this consistent performance reflects the growing trust of our stakeholders, HZL said. The research firm also questioned the brand fees paid out by HZL. In the earnings call, HZL's CEO Arun Misra 'credited offshore brand fees (paid in advance) as justifiable by past 'risks' undertaken by Vedanta as a shareholder of HZL. This is preposterous,' the research firm said. 'HZL CEO Arun Misra's defense of the controversial 3 per cent brand fee, a fee that results in hundreds of crores in annual payments to VRL (Vedanta Resources), was the centrepiece of his narrative during the Q1FY26 Earnings Call,' the US firm said. 'We reiterate our belief that this 'brand fee' is an uncommercial contract with VEDL (Vedanta Ltd), who does not appear to provide any brand, management, or other auxiliary services to HZL. There are no employees or substantial operations at VRL to justify brand fee payments,' Viceroy said. 'Vedanta's shares in HZL bear the same risk as every other equity holder, including the government of India. If anything, it is the non-promoter shareholders that have borne the outsized risk of HZL taking outsized loans to bail out promoters,' it alleged. HZL said 'Vedanta' is a prominent global brand in the natural resources sector and the brand is a registered intellectual property of Vedanta Resources. 'HZL and other group companies use the brand under a brand license/sub-license agreement and pay a Board-approved brand and strategic services fee for its usage. This structure reflects a standard intercompany licensing model used globally by diversified groups and is fully compliant with Indian accounting, tax and governance regulations, and follows internationally accepted practices,' HZL spokesperson said.
Mint
14 minutes ago
- Mint
Infosys ADR shares jump over 3% on NYSE after IT major's net profit rises 9% YoY to ₹6,921 crore. Details here
Infosys ADR Shares: India's second-largest IT company, Infosys Ltd's American Depository Receipt (ADR) shares jumped over 3% to $18.83 on the New York Stock Exchange (NYSE) after Wall Street opened on Wednesday, 23 July 2025. The Infosys ADR shares rose over 3% to $18.83 at the US market open, compared to $18.26 at the previous market session on Wall Street. The company announced its April-June quarter results after the Indian stock market closed on Wednesday. As of 11:12 a.m. (EDT), the shares of the IT major were trading 1.48% higher at $18.53. After hitting its intraday high levels, the ADR stock dropped to its current level as of the early market session. ADR shares are tools that foreign companies use to leverage a special certificate issued by a US bank to trade on the US stock market, similar to other regular US-based companies. India's second-largest IT company, Infosys, posted a 9% rise in its consolidated net profits to ₹ 6,921 crore for the first quarter of the 2025-26 fiscal year, compared to ₹ 6,368 crore in the same quarter in the previous fiscal year. However, the company's net profits dropped 1.6% on a sequential basis in the April-June quarter. Infosys' revenue from core operations increased 7.5% to ₹ 42,279 crore in the April-June quarter of the financial year ended 2025-26, supported by consistent deal momentum and sustained demand for digital transformation services from global clients. According to Mint's earnings coverage, the company also revised its 2025-26 fiscal year constant currency revenue growth guidance, raising the lower end to 1% while retaining the upper end at 3%. Infosys ADR shares trading on the NYSE have given US market investors more than 68% returns on their investment in the last five years. However, the shares were down 15.13% in the last one-year period. On a year-to-date (YTD) basis, the IT major's ADR stock has dropped 17.19% and is trading 2.91% lower in the last five market sessions on Wall Street. The shares hit their 52-week high at $23.63, while the 52-week low level was at $15.82. The shares are trading above their year-low levels, and the company's market capitalisation stands at $75.52 billion as of the stock market session on Wednesday, 23 July 2025. Read all stories by Anubhav Mukherjee
News18
22 minutes ago
- News18
What Is ‘Everesting' Challenge? The Brutal Climb That Claimed Life Of NYC Millionaire
Last Updated: Originally from Westport, Connecticut, Leykind worked at CG Sawaya Partners, a New York-based investment bank. Slava Leykind, a US-based millionaire and father of three, tragically lost his life after attempting the gruelling 'Everesting' endurance challenge on a Wyoming mountain. The 43-year-old banking executive died on July 2, just days after completing six intense ascents of Snow King Mountain in Jackson Hole. According to reports, Leykind went into cardiac arrest following the challenge and was immediately hospitalised in Idaho, where he later succumbed to his condition. Originally from Westport, Connecticut, Leykind worked at CG Sawaya Partners, a New York-based investment bank. Known for his professional success and dedication to fitness, he set out last month to take on the Everesting challenge, a physically punishing test that involves climbing the same mountain repeatedly until one has scaled the equivalent height of Mount Everest. On June 27, Leykind began his climb at 6 am, tackling the steep 1,500-foot ascent of Snow King Mountain. He managed six full ascents throughout the day before beginning to feel unwell. By 11:30 pm, emergency responders from Jackson Hole Fire and EMS arrived at the scene to provide urgent medical care and transported him to the Eastern Idaho Regional Medical Center. Despite efforts by medical staff, Leykind passed away five days later. Teton County Coroner Brent Blue later confirmed that his death was caused by 'an electrolyte imbalance causing cardiac arrest." Leykind is survived by his wife, Amy Keller Leykind, and their three children. Born in Minsk, USSR, he emigrated to the US in 1988. The New York Post accessed his obituary, which read, 'Despite his significant professional success at a young age, Slava's role as a husband and father was his greatest achievement, passion, and pride." What Is The 'Everesting' Challenge? Inspired by the world's tallest peak, the Everesting Challenge pushes participants to climb a mountain multiple times until they have reached a total elevation gain of 29,032 feet — the height of Mount Everest. At Snow King Mountain, this means hiking the 1,500-foot peak 19 times in a single effort. After each ascent, participants ride a gondola back to the base to begin the next climb. The challenge tests not only physical endurance but also mental resilience, and it has become increasingly popular among athletes and extreme fitness enthusiasts. Unfortunately, for Slava Leykind, the extreme nature of this challenge proved fatal. Get breaking news, in-depth analysis, and expert perspectives on everything from geopolitics to diplomacy and global trends. Stay informed with the latest world news only on News18. Download the News18 App to stay updated! view comments First Published: Disclaimer: Comments reflect users' views, not News18's. Please keep discussions respectful and constructive. Abusive, defamatory, or illegal comments will be removed. News18 may disable any comment at its discretion. By posting, you agree to our Terms of Use and Privacy Policy.
