Cyberattack hits Microsoft servers, threatens thousands of global organizations
The Windows developer acknowledged the flaw in a statement and released a new security update to curb active attacks on on-premises servers, confirming that additional updates are in development.
The US Cybersecurity and Infrastructure Security Agency (CISA) explained that the loophole allows attackers to execute code and access file systems and internal settings, according to Bloomberg.
Cybersecurity firm Censys reported that more than 10,000 organizations using SharePoint servers are at risk, most of them based in the United States, followed by the Netherlands, the United Kingdom, and Canada.
Palo Alto Networks warned that the attacks are real and pose a serious threat. Reports from outlets such as The Washington Post confirmed the breach has affected US federal and government agencies, universities, energy companies, and a telecom firm in Asia.
This incident adds to a growing series of cyber intrusions targeting Microsoft systems. Back in March, the company warned that Chinese hackers were exploiting remote management tools and cloud applications to spy on institutions inside the US and abroad.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Al Arabiya
a day ago
- Al Arabiya
Company involved in Coldplay KissCam drama hires Gwyneth Paltrow as spokesperson
Astronomer – the company whose CEO resigned after being caught on a KissCam at a Coldplay rock concert embracing a woman who was not his wife – is trying to move on from the drama with someone who knows the band pretty well. Actress Gwyneth Paltrow, who was married to Coldplay's frontman Chris Martin for 13 years, announced Friday on X that she has been hired by Astronomer as a spokesperson. Astronomer, a tech company based in New York, found itself in an uncomfortable spotlight when two of its executives were caught on camera in an intimate embrace at a Coldplay concert – a moment that was then flashed on a giant screen in the stadium. CEO Andy Byron and human resource executive Kristin Cabot were caught by surprise when Martin asked the cameras to scan the crowd during a concert earlier this month. 'Either they're having an affair or they're just very shy,' Martin joked when the couple appeared on screen and quickly tried to hide their faces. In a short video, the 'Shakespeare in Love' and 'Ironman' star said she had been hired as a very temporary spokesperson for Astronomer. 'Astronomer has gotten a lot of questions over the last few days and they wanted me to answer the most common ones,' Paltrow said, smiling and deftly avoiding mention of the KissCam fuss. 'We've been thrilled that so many people have a newfound interest in data workflow automation,' she said. 'We will now be returning to what we do best – delivering game-changing results for our customers.' When footage from the KissCam first spread online, it wasn't immediately clear who the couple were. Soon after, the company identified the pair and Byron resigned, followed by Cabot. The video clip resulted in a steady stream of memes, parody videos, and screenshots of the pair's shocked faces filling social media feeds. Online streams of Coldplay's songs jumped 20 percent in the days after the video went viral, according to Luminate, an industry data and analytics company.
Al Arabiya
2 days ago
- Al Arabiya
Tea, an app for women to safely talk about men they date, has been breached, user IDs exposed
Tea, an app designed to let women safely discuss men they date, has been breached, with thousands of selfies and photo IDs of users exposed, the company confirmed on Friday. Tea said that about 72,000 images were leaked online, including 13,000 images of selfies or selfies featuring a photo identification that users submitted during account verification. Another 59,000 images publicly viewable in the app from posts, comments, and direct messages were also accessed without authorization, according to a Tea spokesperson. No email addresses or phone numbers were accessed, the company said, and the breach only affects users who signed up before February 2024. Tea has engaged third-party cybersecurity experts and are working around the clock to secure its systems, the company said. At this time, there is no evidence to suggest that additional user data was affected. Protecting Tea users' privacy and data is their highest priority. Tea presents itself as a safe way for women to anonymously vet men they might connect with on dating apps such as Tinder or Bumble—ensuring that your date is safe, not a catfish, and not in a relationship. 'Tea is a must-have app, helping women avoid red flags before the first date with dating advice and showing them who's really behind the profile of the person they're dating,' reads Tea's app store description. 404 Media, which earlier reported the breach, said it was 4Chan users who discovered an exposed database that allowed anyone to access the material from Tea. While reporting this story, a URL the 4chan user posted included a voluminous list of specific attachments associated with the Tea app. 404 Media saw this list of files. 'In the last hour or so, that page was locked down and now returns a 'Permission denied' error,' 404 Media reported Friday. Tea said in an Instagram post this week that it has reached 4 million users.
Arab News
3 days ago
- Arab News
Risk highlighted as Chinese hackers hit Microsoft
PARIS : Software giant Microsoft is at the center of cybersecurity storm after China-linked hackers exploited flaws in SharePoint servers to target hundreds of organizations. While such cyberattacks are not new, the scale of the onslaught and the speed with which the hackers took advantage of freshly discovered vulnerabilities is fueling concern. Dutch startup Eye Security warned Saturday of online attacks targeting SharePoint file-sharing servers, with Microsoft quick to confirm the report and release patches to protect systems. The vulnerability allowed hackers to retrieve credentials and then access SharePoint servers kept at users' facilities, according to Microsoft. Cloud-based SharePoint software was safe from the problem, the company said. Eye Security determined that more than 400 computer systems were compromised by hackers during waves of attacks. Targets included government organizations in Europe, the Middle East and the United States — among them the US nuclear weapons agency, media reports indicated. 'On-premises SharePoint deployments — particularly within government, schools, health care and large enterprise companies — are at immediate risk,' cybersecurity firm Palo Alto Networks warned in a note. Microsoft has not disclosed the number of victims in the attacks. SharePoint had more than 200 million active users as of 2020, according to the most recent figures available from Microsoft. Microsoft has attributed the cyberattacks to groups backed by China. The culprits are believed to include Chinese state actors known as Linen Typhoon and Violet Typhoon along with a group called Storm-2603 which 'is considered with moderate confidence to be a threat actor based in China.' The Typhoon groups have been active for a decade or more, and are known for intellectual property theft as well as espionage, according to Microsoft. Less was known about Storm-2603 and its motives. 'Investigations into other actors also using these exploits are ongoing,' Microsoft said, urging users to patch SharePoint servers to avoid becoming hacking victims. Cybersecurity specialist Damien Bancal noted in a recent blog post that he found 'ready-to-use exploit code' for the vulnerability at a popular website. The assault on SharePoint servers is the latest in a series of sophisticated attacks carried out by state-sponsored groups against 'the Microsoft ecosystem,' according to Bancal. In 2021, attacks by a Chinese hacker group known as Silk Typhoon compromised tens of thousands of email servers using Microsft Exchange software. Microsoft's success at making its software commonplace in offices and homes also makes it a prime target for hackers out to steal money or information. Microsoft software can hold sensitive and valuable information. 'It's not Microsoft that is being targeted, it's its customers,' said Shane Barney, head of information security at US-based Keeper. Targeting Microsoft programs is a means to an end, and tomorrow it could be software from another company, said Rodrigue Le Bayon, head of Orange Cyberdefense computer emergency response team. China is not the only nation backing hacker operations as countries around the world hone cyber capabilities, according to Le Bayon. Nevertheless, China is repeatedly singled out by companies and goverments hit by hacks. Western countries have accused hacker groups allegedly supported by China of conducting a global cyber espionage campaign against figures critical of Beijing, democratic institutions, and companies in various sensitive sectors.
