Microsoft server hack hit 100 organisations: analysts
Microsoft on Saturday issued an alert about "active attacks" on self-hosted SharePoint servers, which are widely used by organisations to share documents and collaborate within organisations.
SharePoint instances run off of Microsoft servers were unaffected.
Dubbed a "zero-day" because it leverages a previously undisclosed digital weakness, the hacks allow spies to penetrate vulnerable servers and potentially drop a backdoor to secure continuous access to victim organisations.
❗ ALERT ❗ ASD's ACSC is aware of a vulnerability affecting instances of Microsoft Office SharePoint Server products. Organisations should take immediate action 👉 https://t.co/HB1ATIHewP pic.twitter.com/qqefoLyMb7— Australian Signals Directorate (@ASDGovAu) July 20, 2025
Vaisha Bernard, the chief hacker at Eye Security, a Netherlands-based cybersecurity firm, which discovered the hacking campaign targeting one of its clients on Friday, said that an internet scan carried out with the Shadowserver Foundation had uncovered nearly 100 victims altogether - and that was before the technique behind the hack was widely known.
"It's unambiguous," Bernard said.
"Who knows what other adversaries have done since to place other backdoors."
He declined to identify the affected organisations, saying that the relevant national authorities had been notified.
The Shadowserver Foundation confirmed the 100 figure and said that most of those affected were in the United States and Germany and that the victims included government organisations.
Another researcher said that, so far, the spying appeared to be the work of a single hacker or set of hackers.
"It's possible that this will quickly change," said Rafe Pilling, director of Threat Intelligence at Sophos, a British cybersecurity firm.
Microsoft said it had "provided security updates and encourages customers to install them," a company spokesperson said in an emailed statement.
It was not clear who was behind the ongoing hack.
The FBI said on Sunday it was aware of the attacks and was working closely with its federal and private-sector partners but offered no other details.
The UK National Cyber Security Centre said in a statement that it was aware of "a limited number" of targets in the United Kingdom.
A researcher tracking the campaign said that the campaign appeared initially aimed at a narrow set of government-related organisations.
The pool of potential targets remains vast.
According to data from Shodan, a search engine that helps to identify internet-linked equipment, more than 8000 servers online could theoretically have already been compromised by hackers.
Those servers include major industrial firms, banks, auditors, healthcare companies and several US state-level and international government entities.
"The SharePoint incident appears to have created a broad level of compromise across a range of servers globally," Daniel Card of UK cybersecurity consultancy PwnDefend said.
"Taking an assumed breach approach is wise, and it's also important to understand that just applying the patch isn't all that is required here."
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Perth Now
an hour ago
- Perth Now
Aussie snack lovers shattered as popular chips disappear from shelves
Australians have been caught off guard by the quiet disappearance of a beloved chip brand from supermarket shelves without warning. UK-born snack brand Tyrrells has been pulled from Woolworths, Coles and IGA stores, without an official announcement. The change was spotted by a frustrated Reddit user who posted about it last Thursday. 'Gone from their shelves without warning or even clearance tags. Didn't even get a chance to stock up,' the user wrote. 'These were f****** good, made in Australia with Aussie potatoes, and at $3.80 for 165g. Price does what it says, without stupid price hikes and fake offers.' Other users echoed the disappointment. 'WHAT! OUTRAGE! They were the only chips I bought,' one comment read. 'These are the king of chips and I am heartbroken,' another said. 'Damn, that's really disappointing. They were the best chips on the shelves,' a third added. 'Absolutely unacceptable. These are the only good chips,' someone else chimed in. 'That's tyrell-ble,' another joked. Coles has confirmed it is no longer stocking Tyrrells chips. Credit: Coles Woolworths has pulled Tyrrells chips from its shelves. Credit: Woolworths Snackbrands Australia, the maker of Tyrrells, confirmed the brand has been discontinued due to low demand. 'We always aim to bring delicious snacks to our consumers in line with their needs, however we sadly had to retire the Tyrrells brand from market due to insufficient levels of consumer demand,' the company said in a statement. 'We realise that there will always be true lovers of the brand out there however we need to balance the requirements of our consumers as well as our retail partners when making these tough decisions.' Both Coles and Woolworths confirmed to they are no longer stocking Tyrrells chips. has also reached out to IGA for confirmation. Snackbrands said Tyrrells will still be available 'for the foreseeable future' in some Harris Farm stores, and suggested fans try their other products. 'The good news is that we continue to innovate and offer great alternatives under our Kettle and Natural Chip Company brands,' a spokesperson added. The British-born Tyrrells chips have quietly disappeared from major supermarket shelves. Credit: Tyrrells / Facebook Tyrrells chips can still be found on Amazon, with nine 165g bags of the classic Pot Crispy Salted flavour currently available for $15.86. Some Reddit users reported spotting a few bags at 7-Eleven and The Reject Shop. Tyrrells, originally founded on a farm in Herefordshire, England in 2002, is known for its hand-cooked, premium potato chips made from locally grown ingredients. The brand entered the Australian market in 2014, initially importing products from the UK. From 2016, following its acquisition of Yarra Valley Snack Foods, Tyrrells chips were made locally in Victoria using Australian potatoes.
AU Financial Review
an hour ago
- AU Financial Review
Why Australia can't sue if AUKUS delivers dud subs
Australia will be blocked from seeking compensation from the United Kingdom if British-designed nuclear-powered submarines have defects or are delayed, under the terms of the 50-year AUKUS treaty between the two nations. The treaty also gives Britain an effective veto over any Australian proposal for the design of the new submarines, while the pact could be torn up with just a year's notice, amid growing questions over the Trump administration's commitment to AUKUS and willingness to share the crown jewels of weapons technology.
Sky News AU
3 hours ago
- Sky News AU
Relatives of Air India disaster victim reveal they were sent the wrong remains by Indian authorities
The mother of a victim of last month's Air India disaster has spoken out after authorities in India sent her the wrong body. Fiongal Greenlaw-Meek, and his partner Jamie, were among the 261 people killed when Air India Flight AI171 crashed after take-off from Ahmedabad. The pair had travelled to India for a peaceful 10-day wellness retreat. Speaking to the Sunday Times, Amanda Donaghey said she was sent the remains of the wrong person by the Indian authorities. She said after arriving in India following the crash, the authorities asked her to present a blood sample to match the DNA for testing. 'Visiting the site and seeing it was something I felt like I had to do. I wanted to understand what had happened,' she told the newspaper. She went onto describe what she saw, saying the area in which the plane crashed resembled a warzone. 'I remember all these burnt trees. The trees were scorched black. But there were still birds and squirrels in those trees, which I found quite profound. It was like a bomb site.' 'You would think it was from a war scene, but there were still these small birds twittering,' she said. She was told the body of her son would be sent to England in a sealed casket. The paper reports that further DNA testing by a coroner in the UK revealed that the remains sent over were the wrong ones. 'It was heartbreaking,' she said. 'We don't know what poor person is in that casket. This is an appalling thing to have happened.' Ms Donaghey has joined others in demanding the UK government pressure the Indian government to do more to help, as more families across the UK revealed on Sunday that they had similar things happen to them. A total of 52 British citizens died in the catastrophe, which claimed the lives of all but one of the 242 people on board, as well as 19 people on the ground. Only a dozen UK victims' remains have been repatriated so far. In a statement posted to X, Air India said it continued to support the victims and their families.
