Microsoft releases urgent fix for SharePoint vulnerability being used in global cyberattacks
The company issued an alert to customers Saturday saying it was aware of the zero-day exploit - where hackers take advantage of a previously unknown vulnerability - being used to conduct attacks and that it was working to patch the issue. Microsoft updated its guidance Sunday with instructions to fix the problem for SharePoint Server 2019 and SharePoint Server Subscription Edition. Engineers were still working on a fix for the older SharePoint Server 2016 software.
Cyber criminals often use zero-day exploits to steal sensitive data and passwords. The vulnerability also could allow hackers to access services connected to SharePoint, including OneDrive and Teams.
The company said in its blog post that it discovered at least dozens of systems were compromised around the world. Security engineers stated the attacks occurred in waves on July 18 and 19.
Although the scope of the attack is still being assessed, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that the impact could be widespread and recommended that any servers impacted by the exploit should be disconnected from the internet until they are patched.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Arab Times
12 hours ago
- Arab Times
World markets mixed, Japan's shares dip after election leaves Ishiba's future in doubt
BANGKOK, July 22, (AP): World shares were mixed on Tuesday after U.S. stock indexes inched to more records at the start of a week of profit updates from big U.S. companies. Germany's DAX lost 0.5% to 24,186.14 and the CAC 40 in Paris gave up 0.4% to 7,768.46. Britain's FTSE 100 edged 0.1% lower, to 9,009.34. The futures for the S&P 500 and the Dow Jones Industrial Average were virtually unchanged. In Asian trading, Japan's benchmark surged and then fell back as it reopened from a holiday Monday following the ruling coalition's loss of its upper house majority in Sunday's election. The Nikkei 225 shed 0.1% to 39,774.92. Analysts said the market initially climbed as investors were relieved that Prime Minister Shigeru Ishiba vowed to stay in office despite the setback . But the election's outcome has added to political uncertainty and left his government without the heft needed to push through legislation. A breakthrough in trade talks with the US might win Ishiba a reprieve, but so far there's been scant sign of progress in negotiating away the threat of higher tariffs on Japan's exports to the US beginning Aug 1. "Relief may be fleeting. Ishiba's claim to leadership now rests on political duct tape, and history isn't on his side. The last three LDP leaders who lost the upper house didn't last two months,' Stephen Innes of SPI Asset Management said in a commentary. Elsewhere, Hong Kong's Hang Seng rose 0.4% to 25,082.78, while the Shanghai Composite index advanced 0.6% to 3,581.86. South Korea's Kospi sank 1.3% to 3,169.94, with investors concerned over the Aug. 1 deadline for making a deal with U.S. President Donald Trump or facing 25% tariffs on all the country's exports to the US. Australia's S&P/ASX 200 added 0.1% to 8,677.20. India's Sensex gained 0.1%, while In Thailand, the SET sank 1.1% after the government named Vitai Ratanakorn as the new future governor of the central bank. He is viewed as likely to be less independent than the current governor, raising concerns about the bank's independence, analysts said. Vitai will replace Sethaput Suthiwartnarueput, when his term as governor ends in September.
Arab Times
a day ago
- Arab Times
'Please be careful.' There are risks and rewards as crypto heavyweights push tokenization
NEW YORK, July 21, (AP): As cryptocurrencies become more intertwined with the traditional financial system, industry heavyweights are racing for a long-sought goal of turning real-world assets into digital tokens. "Tokenization is going to open the door to a massive trading revolution,' said Vlad Tenev, the CEO of the trading platform Robinhood at a recent James Bond-themed tokenization launch event in the south of France. Advocates say tokenization is the next leap forward in crypto and can help break down walls that have advantaged the wealthy and make trading cheaper, more transparent and more accessible for everyday investors. But critics say tokenization threatens to undermine a century's worth of securities law and investor protections that have made the U.S. financial system the envy of the world. And Robinhood's push into tokenizing shares of private companies quickly faced pushback from one of the world's most popular startups. The basic idea behind tokenization: Use blockchain technology that powers cryptocurrencies to create digital tokens as stand-ins for things like bonds, real estate or even fractional ownership of a piece of art and that can be traded like crypto by virtually anyone, anywhere at any time. The massive growth of stablecoins, which are a type of cryptocurrency typically bought and sold for $1, has helped fuel the appetite to tokenize other financial assets, crypto venture capitalist Katie Haun said on a recent podcast. She said tokenization will upend investing in ways similar to how streamers radically changed how people watch television. "You used to have to sit there on a Thursday night and watch Seinfeld,' Haun said. "You tune in at a specific time, you don't get to choose your program, you couldn't be watching a program like Squid Games from Korea. Netflix was market-expanding. In the same way, I think the tokenization of real-world assets will be market expanding.' Robinhood began offering tokenized stock trading of major U.S. public companies for its European customers earlier this month and gave away tokens to some customers meant to represent shares in OpenAI and SpaceX, two highly valued private companies. Several other firms are diving in. Crypto exchange Kraken also allows customers outside the U.S. to trade tokenized stocks while Coinbase has petitioned regulators to open the market to its U.S. customers. Wall Street giants BlackRock and Franklin Templeton currently offer tokenized money market funds. McKinsey projects that tokenized assets could reach $2 trillion by 2030. The push for tokenization comes at a heady time in crypto, an industry that's seen enormous growth from the creation and early development of bitcoin more than 15 years ago by libertarian-leaning computer enthusiasts to a growing acceptance in mainstream finance. The world's most popular cryptocurrency is now regularly setting all-time highs - more than $123,000 on Monday - while other forms of crypto like stablecoins are exploding in use and the Trump administration has pledged to usher in what's been called the "golden age' for digital assets. Lee Reiners, a lecturing fellow at Duke University, said the biggest winners in the push for tokenization could be a small handful of exchanges like Robinhood that see their trading volumes and influence spike. "Which is kind of ironic given the origins of crypto, which was to bypass intermediaries,' Reiners said. Interest in tokenization has also gotten a boost thanks to the election of President Donald Trump, who has made enacting more crypto-friendly regulations a top priority of his administration and signed a new law regulating stablecoins on Friday. "Tokenization is an innovation and we at the SEC should be focused on how do we advance innovation at the marketplace,' said Securities and Exchange Commission Chairman Paul Atkins. Securities law can be complex and even defining what is a security can be a hotly debated question, particularly in crypto. The crypto exchange Binance pulled back offerings of tokenized securities in 2021 after German regulators raised questions about potential violations of that country's securities law. Under Trump, the SEC has taken a much less expansive view than the previous administration and dropped or paused litigation against crypto companies that the agency had previously accused of violating securities law. Hilary Allen, a professor at the American University Washington College of Law, said crypto companies have been emboldened by Trump's victory to be more aggressive in pushing what they can offer. "The most pressing risk is (tokenization) being used as a regulatory arbitrage play as a way of getting around the rules,' she said. However, the SEC has struck a cautionary tone when it comes to tokens. Shortly after Robinhood's announcement, SEC Commissioner Hester Peirce, who has been an outspoken crypto supporter, issued a statement saying companies issuing tokenized stock should consider "their disclosure obligations' under federal law. "As powerful as blockchain technology is, it does not have magical abilities to transform the nature of the underlying asset,' Peirce said. One of the most closely watched areas of tokenization involves private companies, which aren't subject to strict financial reporting requirements like publicly traded ones. Many hot startups are not going public as often as they used to and instead are increasingly relying on wealthy and institutional investors to raise large sums of money and stay private. That's unfair to the little guy, say advocates of tokenization. "These are massive wealth generators for a very small group of rich, well-connected insiders who get access to these deals early,' said Robinhood executive Johann Kerbrat. "Crypto has the power to solve this inequality.' But Robinhood's giveaway of tokens meant to represent an investment in OpenAI immediately drew pushback from the company itself, which said it was not involved in Robinhood's plan and did not endorse it. "Any transfer of OpenAI equity requires our approval-we did not approve any transfer,' OpenAI said on social media. "Please be careful.' Public companies have strict public reporting requirements about their financial health that private companies don't have to produce. Such reporting requirements have helped protect investors and give a legitimacy to the U.S. financial system, said Allen, who said the push for tokenized sales of shares in private companies is "eerily familiar' to how things played out before the creation of the SEC nearly a century ago. "Where we're headed is where we were in the 1920s,' she said. "Door-to-door salesmen offering stocks and bonds, half of it had nothing behind it, people losing their life savings betting on stuff they didn't understand.'
Arab Times
a day ago
- Arab Times
Microsoft releases urgent fix for SharePoint vulnerability being used in global cyberattacks
NEW YORK, July 21, (AP): Microsoft has issued an emergency fix to close off a vulnerability in Microsoft's SharePoint software that hackers have exploited to carry out widespread attacks on businesses and at least some federal agencies. The company issued an alert to customers Saturday saying it was aware of the zero-day exploit - where hackers take advantage of a previously unknown vulnerability - being used to conduct attacks and that it was working to patch the issue. Microsoft updated its guidance Sunday with instructions to fix the problem for SharePoint Server 2019 and SharePoint Server Subscription Edition. Engineers were still working on a fix for the older SharePoint Server 2016 software. Cyber criminals often use zero-day exploits to steal sensitive data and passwords. The vulnerability also could allow hackers to access services connected to SharePoint, including OneDrive and Teams. The company said in its blog post that it discovered at least dozens of systems were compromised around the world. Security engineers stated the attacks occurred in waves on July 18 and 19. Although the scope of the attack is still being assessed, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that the impact could be widespread and recommended that any servers impacted by the exploit should be disconnected from the internet until they are patched.
