Microsoft issues urgent alert on active SharePoint cyberattacks
In a security advisory released Saturday, Microsoft clarified that the attacks affect only on-premises SharePoint servers and do not impact SharePoint Online, which operates within the Microsoft 365 cloud platform.
The alert warned of a vulnerability that allows attackers to conduct 'spoofing' over a network. In such attacks, bad actors disguise themselves as trusted entities—such as individuals, organizations, or websites—potentially leading to the manipulation of financial systems or compromising government operations.
Microsoft described the exploit as a "zero-day" attack, meaning it targeted a previously unknown flaw. The Washington Post, which first reported the breach, said the attack affected both U.S. and international organizations and could put tens of thousands of servers at risk.
'We've been coordinating closely with CISA, DOD Cyber Defense Command, and key cybersecurity partners globally throughout our response,' a Microsoft spokesperson said. The company has issued security patches and strongly encouraged affected customers to install them without delay.
The FBI confirmed Sunday that it is aware of the ongoing attacks and is working with both federal agencies and private-sector partners. However, it provided no further details at this time.
Microsoft is also preparing security updates for older SharePoint versions, including SharePoint 2016 and 2019. For organizations unable to implement the recommended malware protection measures immediately, the company advised disconnecting servers from the internet until the patches are deployed.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Arab Times
4 days ago
- Arab Times
5 victories of global Zionism
OVER the past hundred years, Jewish Zionism has achieved five major victories, most of which have come at our expense: 1. Realizing the dream of establishing a state for Jews worldwide. 2. Securing emotional, financial, political, and military support initially from Britain, and later from America and the Western world. 3. Successfully neutralizing any threat, even minor, posed by Arab states to its existence. 4. Building a state with a strong economy, advanced industry, formidable military capabilities, and distinguished achievements in technology and science. 5. Most dangerously, creating an army of mercenaries among Arabs, the majority of whom are either financially motivated or unaware of Zionism's global agenda. Israel's progress in high technology rivals that of the United States and other Western countries. Known as the 'Nation of Tech Companies,' nearly 60 percent of its exports come from the tech sector, compared to virtually zero for Arab countries. Global giants like Intel, Google, Microsoft, and Apple maintain advanced research centers in Israel, whose economy is growing at rates above the global average. Militarily, Israel ranks 15th worldwide and can mobilize half a million fighters in record time. It also boasts unmatched espionage and intelligence capabilities. Israel relies heavily on integrating Artificial Intelligence (AI) into its espionage and intelligence operations, enabling it to track high-level military targets and execute sensitive missions with precision, thanks to its global leadership in cybersecurity. Israel has long possessed advanced research, medical, and technical laboratories, collaborating closely with leading Western universities, particularly in AI, technology transfer, and the development of medical and pharmaceutical solutions. In contrast, most Arab countries lack much of Israel's technological infrastructure and expertise. Before its recent settlement expansions, Israel's land area was approximately 22,000 square kilometers, compared to 13 million square kilometers for Arab countries and 32 million square kilometers for Islamic countries. Israel's population stands at about 9 million, while the Arab population is around 460 million, and the Muslim population totals approximately 1.5 billion. Despite signing peace treaties with Egypt 44 years ago and Jordan 31 years ago, Israel has not transferred any of its expertise or technology to either country or any other Arab nation. Israel continues to spy on both Egypt and Jordan, despite its peace agreements with them. Moreover, it has never stopped spying on the United States, its most important supporter and dominant ally. Israel has relentlessly pursued settlement expansion at the expense of neighboring Arab countries and even more distant neighbors. It has consistently sought to sow discord and division among Arab states, exploiting their backwardness to its advantage. Doubt and hatred will continue to fill the hearts of Zionists. True justice and peace have no place in the Israeli narrative. Israel offers us nothing but humiliation and degradation, an agenda promoted by its agents among us, who have now been exposed. They openly claim that Israel has the right to decide our fate as it sees fit. For instance, the productivity of a palm tree in Israel is ten times higher than the average yield of palm trees in Egypt and Jordan. Yet, despite over forty years of peace treaties with Israel, neither Egypt nor Jordan has benefited from Israeli technology, not even in date production, let alone in far more advanced fields like artificial intelligence. Therefore, those who believe that normalization with Israel will bring prosperity, peace, love, and progress to the Arab world must abandon these illusions. From Israel, we will see nothing but ruthless exploitation of our resources, the occupation of our lands, and the reduction of our people to mere laborers in its factories and farms, and perhaps even guinea pigs in its laboratories.
Arab Times
4 days ago
- Arab Times
Microsoft Edge becomes an AI browser with new ‘Copilot Mode' launch
NEW YORK, July 29: As demand for AI-integrated browsing tools continues to grow, Microsoft has introduced a new feature in its Edge browser called Copilot Mode, designed to enhance the web browsing experience through real-time AI assistance. Launched on Monday, Copilot Mode allows users to interact with the web through a built-in AI companion that understands what they're researching, anticipates their next steps, and can carry out certain tasks on their behalf. Microsoft describes the feature as experimental and emphasizes that it is opt-in by default during its current testing phase. It is available for free to Mac and PC users who have access to Microsoft Copilot. At its core, Copilot Mode combines search, chat, and navigation capabilities into one interface. When enabled, users are presented with a revamped new tab page that facilitates interaction with the AI assistant. While browsing specific websites, users can ask Copilot questions directly related to the content they're viewing. For instance, if someone is reading a recipe, they can ask Copilot how to make it vegan, and the assistant will suggest alternative ingredients. This eliminates the need to copy and paste text into a separate AI chatbot—Copilot integrates this functionality directly into the browser experience. It can also summarize content, such as recipes, allowing users to skip lengthy personal narratives that often precede them. Beyond simple queries, Microsoft claims Copilot can perform a range of tasks such as booking appointments, generating shopping lists, and drafting written content. These agent-like functions signal a shift toward what the company calls "agentic" web use, where AI not only assists but acts on behalf of the user. However, the effectiveness of this feature and its user appeal remain to be seen, particularly in scenarios where direct user interaction may still be quicker or more intuitive. Copilot also supports voice input, which could be beneficial for users with limited tech skills or physical impairments. In the future, Microsoft says it will allow users to provide Copilot with more contextual information—such as login credentials or browsing history—to perform more advanced tasks like making bookings autonomously. Currently, these functions require more user involvement. One of Copilot's most promising features is its potential as a research assistant. With user permission, Copilot can access all open browser tabs to understand what the user is viewing. This function could prove particularly helpful during product comparisons, travel planning, or other forms of multi-site research. While AI chatbots already handle such tasks, embedding this capability directly into the browser aims to streamline the experience. Looking ahead, Microsoft plans for Copilot to remind users of ongoing projects or previous research by recommending next steps based on their browsing activity. Importantly, the company has assured users that privacy will remain a top priority. Copilot will only access a user's browsing activity with explicit permission, and any such activity will be indicated with visual cues. Still, the prospect of an AI that can "see" and "hear" a user's actions online may raise privacy concerns for some users. With Copilot Mode, Microsoft joins the expanding field of AI-assisted browsing, aiming to simplify and personalize the way users interact with the internet.
Kuwait Times
24-07-2025
- Kuwait Times
Microsoft warns Chinese hackers targeting customers
SAN FRANCISCO: Chinese state-sponsored hackers are actively exploiting critical security vulnerabilities in users of Microsoft's popular SharePoint servers to steal sensitive data and deploy malicious code, the US tech giant warned Tuesday. Microsoft said it has observed three threat groups—dubbed Linen Typhoon, Violet Typhoon, and Storm-2603 –- targeting internet-facing SharePoint servers using two newly disclosed vulnerabilities that allow attackers to bypass authentication and execute remote code. SharePoint Server is Microsoft's collaboration and document management platform designed for businesses and organizations. Many large organizations use SharePoint as their primary platform for internal collaboration and for storing documents, and is appreciated for working well with other Microsoft products like Office, Teams, and Outlook. The attacks, which Microsoft said began as early as July 7, affect only on-premises SharePoint installations and do not impact the cloud-based SharePoint Online service, the company said in a security bulletin. Microsoft warned that it 'assesses with high confidence' that the threat actors will continue their assault against vulnerable systems where companies haven't taken the necessary precautions. The vulnerabilities allow attackers to spoof authentication credentials and execute malicious code remotely on vulnerable servers. Microsoft has released comprehensive security updates to address the malware and urged customers to apply the patches immediately. In their successful attacks, the Chinese hackers deployed malicious code that provides backdoor access to compromised systems. The attackers used these tools to steal machine encryption keys and maintain access to targeted networks. Linen Typhoon, active since 2012, primarily focuses on intellectual property theft from government, defense, and human rights organizations. Violet Typhoon, operating since 2015, conducts espionage against former government officials, NGOs, think tanks, and media organizations across the United States, Europe, and East Asia. Storm-2603, which Microsoft assesses with 'medium confidence' to be China-based, has previously deployed ransomware but its current objectives remain unclear. Research from cybersecurity company Check Point said the campaign began on July 7 against a major Western government and that the attacks intensified dramatically around July 18. Since then, researchers have confirmed dozens of compromise attempts primarily targeting organizations in North America and Western Europe, Check Point said in a blog post. –AFP
