Microsoft releases urgent fix for Sharepoint vulnerability being used in global cyberattacks
The company issued an alert to customers Saturday saying it was aware of the zero-day exploit — where hackers take advantage of a previously unknown vulnerability — being used to conduct attacks and that it was working to patch the issue. Microsoft updated its guidance Sunday with instructions to fix the problem for SharePoint Server 2019 and SharePoint Server Subscription Edition. Engineers were still working on a fix for the older SharePoint Server 2016 software.
Cyber criminals often use zero-day exploits to steal sensitive data and passwords. The vulnerability also could allow hackers to access services connected to SharePoint, including OneDrive and Teams.
The company said in its blog post that it discovered at least dozens of systems were compromised around the world. Security engineers stated the attacks occurred in waves on July 18 and 19.
Although the scope of the attack is still being assessed, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that the impact could be widespread and recommended that any servers impacted by the exploit should be disconnected from the internet until they are patched.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Daily Mail
an hour ago
- Daily Mail
The ugly monoliths quietly desecrating America's most sacred sites… and driving locals to the brink
They were once hallowed grounds where cannon smoke filled the skies and musket balls tore through blue and gray uniforms - sites of blood, brotherhood and the brutal birth of a nation. Today, America's most sacred battlefield sites face a different kind of invasion - one of cold, hulking mega-structures filled not with soldiers, but with servers.
Telegraph
4 hours ago
- Telegraph
French submarine-maker targeted by hackers
A French naval giant is investigating a potential cyber attack after hackers claimed to have obtained sensitive data about the country's nuclear submarines. Naval Group, a state-owned ship maker that traces its origins back almost 400 years to the reign of Louis XIII, said it had 'immediately launched technical investigations' after cyber criminals threatened to publish files on the dark web. The company builds and maintains key ships and submarines for the French Navy, including aircraft carriers and nuclear-powered submarines. These include France's Barracuda fleet of nuclear missile-armed submarines. In a post on a dark web forum, hackers claimed to have uncovered 'top-secret classified' data for 'submarines and frigates'. Hackers gave the company 72 hours to respond to the leak, with initial documents published online allegedly including source code for submarine weapon systems. The attackers have so far published around 30 gigabytes of data, although they claim to have far more information still to be disclosed. Naval Group has responded by insisting it had found 'no intrusion into our IT environments', and described it as a 'reputational attack'. A spokesman said: 'Naval Group has noticed being the target of a reputational attack with the claim of a cyber-malice act. We immediately launched technical investigations. 'All teams and resources are currently mobilised to analyse and verify the authenticity, origin and ownership of the data as quickly as possible. 'At this stage, no intrusion into our IT environments has been detected and there has been no impact on our activities.' The alleged hack comes amid a wave of cyberattacks against companies and governments. Last week, Microsoft admitted to a major flaw in its SharePoint document-sharing system, which is believed to have been exploited by hackers with links to China. Among the organisations targeted were the US National Nuclear Security Administration, which maintains America's nuclear arsenal, although no sensitive files were reported to have been taken. Naval Group is France's largest shipbuilder, employing more than 15,000 people with revenues of more than €4.4bn. The French government owns almost two-thirds of the business, with he remainder owned by Thales, the French defence giant.
Daily Mail
4 hours ago
- Daily Mail
Target staff praise new anti-theft cases
Target is changing how it tackles theft — and it should speed things up for shoppers. For years, the retailer has used locked plexiglass cases to protect high-theft items like toiletries, cleaning products, and even clothing. But the system — which often requires a staffer with a manager's key — has long frustrated customers who say it slows them down , especially when they're just trying to grab toothpaste, laundry detergent, or underwear. Now, the company is updating the system. So far, employees seem happy. Target employees on Reddit say the new design uses QR codes that can be unlocked with handheld devices carried by every floor associate, speeding up the process for everyone. 'This looks amazing, to be honest,' a Target employee said on Reddit. But the rollout isn't going perfectly. Some staff say the new system is confusing guests — especially since the QR codes are visible. They say leads shoppers to think that they can open it by scanning the code using their smartphone. Target didn't immediately respond to request for comment. For years, Target has been attempting to stop guests from using the five-finger discount in their stores. In 2023, CEO Brian Cornell said the company lost $500 million each year to shoplifters. To respond, the company has removed self-checkout registers from stores, closed high-theft locations , and added safety locks to hundreds of products — all in hopes of deterring sticky-fingered guests. But those changes have come at a cost. For years, Target has set itself apart from other big-box retailers through high-end marketing, thoughtful lighting, and exclusive clothing lines. Locks on simple products often cut against that branding image. 'The problem with Target is a lot of decisions are being taken centrally without proper thought about what they mean on the ground,' Neil Saunders, a retail expert at GlobalData, previously told Security tags and hard locks also pose logistical issues for store staff. They make it harder to fold garments, merchandise accessories on racks, and fit products onto crowded shelves — adding to disarray on the sales floor. The disconnect between colorful merchandising and anti-theft hardware has only worsened the look of some apparel sections , independent retail experts told Customers have taken to social media to complain about hangers on the floor, ripped-out security tags, and unfolded T-shirt displays. 'I hate to pile on (pun intended), but Target's apparel merchandising and maintenance is an ongoing issue,' Carol Spieckerman, a retail consultant, previously said. 'When shoppers are shopping off the floor, it undermines Target's core brand promise of accessible style.'
