Microsoft issues urgent patch as SharePoint exploit spreads globally: How to stay safe online
Over the weekend, Microsoft issued a critical security alert warning of 'active attacks' on on-premise SharePoint servers, widely used by organisations and government bodies to manage and share internal documents. Notably, the tech giant clarified that SharePoint Online, part of its Microsoft 365 cloud suite, was not affected by the exploit, which is being classified as a "zero-day" vulnerability, meaning it was previously unknown to cybersecurity professionals.
Rafe Pilling, Director of Threat Intelligence at British cybersecurity firm Sophos, indicated that evidence pointed towards a single entity executing the campaign. 'Based on the consistency of the tradecraft seen across observed attacks, the campaign launched on Friday appears to be a single actor. However, it is possible that this will quickly change,' Pilling noted. He highlighted the use of identical digital payloads across various targets as a significant indicator of a singular source.
While Microsoft confirmed that it had released security updates to address the flaw, the company urged users to install the patches without delay. However, cybersecurity experts caution that remediation may require more than just patch deployment.
Daniel Card, of the UK-based consultancy PwnDefend, warned that the scope of the attack suggested a broad level of compromise. 'The SharePoint incident appears to have created a broad level of compromise across a range of servers globally. Taking an assumed breach approach is wise, and it is also important to understand that just applying the patch is not all that is required here,' he said.
According to Shodan, a search engine that indexes internet-connected devices, over 8,000 SharePoint servers currently accessible online may have already been exposed to the exploit. These include systems belonging to prominent industrial companies, financial institutions, healthcare providers, auditors, and multiple U.S. state and international government organisations.
The identity of the attacker remains unknown. Moreover, the US Federal Bureau of Investigation (FBI) acknowledged the incident on Sunday, stating that it was working alongside both federal partners and private sector entities to assess the situation.
Meanwhile, the UK's National Cyber Security Centre has yet to respond publicly.
The Washington Post reported that unidentified cyber actors had recently leveraged the SharePoint vulnerability to target both American and international agencies, suggesting the campaign could have extensive geopolitical ramifications.
(With inputs from Reuters)
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Hindustan Times
33 minutes ago
- Hindustan Times
Trade on agenda as Trump lands in Scotland for diplomacy and golf
US President Donald Trump landed in Scotland on Friday for a five-day visit set to mix diplomacy, business and leisure, as a huge UK security operation swung into place amid planned protests near his family-owned golf resorts. HT Image The president, whose mother was born in Scotland, will split his time between two seaside golf courses bearing his name, in Turnberry on the southwestern coast and Aberdeen in the northeast. Air Force One, carrying the president and White House staff, touched down at Prestwick Airport near Glasgow shortly before 8:30 pm (1930 GMT). Police officers lined surrounding streets and several hundred curious Scots came out hoping for a glimpse of the US leader as he made his way to Turnberry. Trump has no public events scheduled for Saturday and is expected to play golf at his picturesque resort, before meeting EU chief Ursula von der Leyen on Sunday for trade talks. Trump is also due to meet UK Prime Minister Keir Starmer during the trip. "We're going to do a little celebrating together, because we got along very well," Trump told reporters as he left the White House Friday, calling Starmer "a good guy" doing "a very good job". He said they would discuss "fine tuning" the bilateral trade deal struck in May, and would "maybe even improve it". But the unpredictable American leader appeared unwilling to cede to a UK request for reduced steel and aluminium tariffs. Trump has exempted British exports from blanket 50 percent tariffs on both metals, but the fate of that carve-out remains unclear. "If I do it for one, I have to do it for all," Trump told reporters, when asked if he had any "wiggle room" for the UK on the issue. The international outcry over the conflict in Gaza may also be on the agenda, as Starmer faces growing pressure to follow French President Emmanuel Macron and announce that Britain will also recognise a Palestinian state. Trump is due to return to the UK in September for a state visit -- his second -- at the invitation of King Charles III, which promises to be lavish. During a 2023 visit, Trump said he felt at home in Scotland, where his mother Mary Anne MacLeod grew up on the remote Isle of Lewis before emigrating to the United States at age 18. "He's original, he does things the way he wants to. I think a lot of our politicians could take a good leaf out of his book," 45-year-old Trump fan Lisa Hart told AFP as she waited to see his plane touch down. But the affection between Trump and Scotland is not always mutual. Residents, environmentalists and elected officials have voiced discontent over the Trump family's construction of a new golf course, which he is expected to open before he departs the UK on Tuesday. Police Scotland, which is bracing for mass protests in Edinburgh and Aberdeen as well as close to Trump's golf courses, have said there will be a "significant operation across the country over many days". Scottish First Minister John Swinney, who will also meet Trump during the visit, said the nation "shares a strong friendship with the United States that goes back centuries". Trump has also stepped into the sensitive debate in the UK about green energy and reaching net zero, with Aberdeen being the heart of Scotland's oil industry. In May, he wrote on his Truth Social platform that the UK should "stop with the costly and unsightly windmills" as he urged incentivising drilling for oil in the North Sea. The trip to Scotland puts physical distance between Trump and the latest twists in the case of convicted sex offender Jeffrey Epstein, the wealthy financier accused of sex trafficking who died in prison in 2019 before facing trial. In his heyday, Epstein was friends with Trump and others in the New York jet-set, but the president is now facing backlash from his own MAGA supporters who demand access to the Epstein case files. Many support a conspiracy theory under which "deep state" elites protected rich and famous people who took part in an Epstein sex ring. But Trump is urging his supporters to move on from the case. The Wall Street Journal, which published an article detailing longstanding links between Trump and the sex offender, is being punished by the White House. Its reporting team plans to travel to Scotland on their own and join the White House press pool. But it has now been denied a seat on Air Force One for the flight back home. While Trump's family has undertaken many development projects worldwide, the president no longer legally controls the family holdings. But opponents and watchdog groups have accused him of having many conflicts of interest and using his position as US president to promote private family investments, especially abroad. aue-jkb-jj-pdh/dc
United News of India
38 minutes ago
- United News of India
Laurus Labs Q1FY26 net surges 1154 pc to Rs 163 cr
Hyderabad, July 25 (UNI) Laurus Labs, a leading research and development driven pharmaceutical and biotech company in India, on Friday posted a net profit of Rs 163 crore in Q1FY26, up 1154 per cent Y-o-Y as compared to Rs 13 crore in the same period last year. Revenue during the period increased by 31 percent to Rs 1,570 crore as against Rs 1195 crore during the corresponding period in the previous year, the Hyderabad-based Pharma company said in a release here. Commenced construction of new Gene/ADC facility in Hyderabad (Telangana) while Fermentation manufacturing site (Vizag) build up on track as planned and expect the facility to commence operations by 2026 end, the release said. Dr. Satyanarayana Chava, Founder & Chief Executive Officer commented; 'We made healthy progress to start the year with increasing contributions from CDMO business and continued advancement of pipeline projects, supported by Generic FDF. We are moving ahead with a strong focus on commercial execution realizing the full potential from promising pipeline opportunities, business development and rapidly enhancing scale and technology capabilities'. We also commenced construction of various facilities across CDMO, Generics and FDF. Once complete, these facilities will fortify our ongoing commitment of being a high-quality development and manufacturing partner at scale including advanced therapies. We remain confident in our strategic direction and commitment as the source of sustainable value creation now and well into the future, he added. V V Ravi Kumar, Executive Director & Chief Financial Officer said 'We are pleased to see sustained growth momentum fueled by increasing uptake in CDMO deliveries and healthy business fundamentals. We have achieved revenues of Rs 1,570 crore, representing 31 per cent growth and EBITDA of Rs 389 crore, representing 127 percent growth. The EBITDA margins improved substantially to 24.8 percent, supported by continuing operating leverage. Gross margins stood strong at 59.4 per cent due to favorable CDMO mix and ongoing process improvement initiatives'. We will continue to invest fully behind high value business opportunities to drive near and long- term growth and returns for our shareholders, he added. UNI KNR GNK
Time of India
an hour ago
- Time of India
Calcutta Club elects 1st woman president, breaks glass ceiling
Kolkata: The 118-year-old Calcutta Club, one of the city's most prominent British-era heritage clubs, has elected its first woman president. Businesswoman Kasturi Raha secured 715 votes, prevailing over Pradeep Kumar Mukherjee and Snehashish Bhaumik — who secured 630 and 579 votes respectively. TOI had reported a week back that a woman candidate was vying for the post of president. Raha had contested in 2021 as well but lost. You Can Also Check: Kolkata AQI | Weather in Kolkata | Bank Holidays in Kolkata | Public Holidays in Kolkata Other premier social clubs like Bengal Club, Tolly Club, RCGC, RCTC, Calcutta Rowing Club or CCFC have never had a woman leading them. Raha runs a family business of medical equipment and also has a business of dry flower export.
