Latest news with #Bancal
The Hindu
5 days ago
- Business
- The Hindu
Risk highlighted as Chinese hackers hit Microsoft
Software giant Microsoft is at the centre of cybersecurity storm after China-linked hackers exploited flaws in SharePoint servers to target hundreds of organisations. While such cyberattacks are not new, the scale of the onslaught and the speed with which the hackers took advantage of freshly discovered vulnerabilities is fuelling concern. Dutch startup Eye Security warned Saturday of online attacks targeting SharePoint file-sharing servers, with Microsoft quick to confirm the report and release patches to protect systems. The vulnerability allowed hackers to retrieve credentials and then access SharePoint servers kept at users' facilities, according to Microsoft. Cloud-based SharePoint software was safe from the problem, the company said. Eye Security determined that more than 400 computer systems were compromised by hackers during waves of attacks. Targets included government organisations in Europe, the Middle East and the United States, among them the U.S. nuclear weapons agency, media reports indicated. "On-premises SharePoint deployments - particularly within government, schools, healthcare and large enterprise companies - are at immediate risk," cybersecurity firm Palo Alto Networks warned in a note. Microsoft has not disclosed the number of victims in the attacks. SharePoint had more than 200 million active users as of 2020, according to the most recent figures available from Microsoft. Microsoft has attributed the cyberattacks to groups backed by China. The culprits are believed to include Chinese state actors known as Linen Typhoon and Violet Typhoon along with a group called Storm-2603 which "is considered with moderate confidence to be a threat actor based in China." The Typhoon groups have been active for a decade or more, and are known for intellectual property theft as well as espionage, according to Microsoft. Less was known about Storm-2603 and its motives. "Investigations into other actors also using these exploits are ongoing," Microsoft said, urging users to patch SharePoint servers to avoid becoming hacking victims. Cybersecurity specialist Damien Bancal noted in a recent blog post that he found "ready-to-use exploit code" for the vulnerability at a popular website. The assault on SharePoint servers is the latest in a series of sophisticated attacks carried out by state-sponsored groups against "the Microsoft ecosystem," according to Bancal. In 2021, attacks by a Chinese hacker group known as Silk Typhoon compromised tens of thousands of email servers using Microsft Exchange software. Microsoft's success at making its software commonplace in offices and homes also makes it a prime target for hackers out to steal money or information. Microsoft software can hold sensitive and valuable information. "It's not Microsoft that is being targeted, it's its customers," said Shane Barney, head of information security at US-based Keeper. Targeting Microsoft programmes is a means to an end, and tomorrow it could be software from another company, said Rodrigue Le Bayon, head of Orange Cyberdefense computer emergency response team. China is not the only nation backing hacker operations as countries around the world hone cyber capabilities, according to Le Bayon. Nevertheless, China is repeatedly singled out by companies and governments hit by hacks. Western countries have accused hacker groups allegedly supported by China of conducting a global cyber espionage campaign against figures critical of Beijing, democratic institutions, and companies in various sensitive sectors.
Mint
5 days ago
- Business
- Mint
Risk highlighted as Chinese hackers hit Microsoft
Software giant Microsoft is at the center of cybersecurity storm after China-linked hackers exploited flaws in SharePoint servers to target hundreds of organizations. While such cyberattacks are not new, the scale of the onslaught and the speed with which the hackers took advantage of freshly discovered vulnerabilities is fueling concern. Dutch startup Eye Security warned Saturday of online attacks targeting SharePoint file-sharing servers, with Microsoft quick to confirm the report and release patches to protect systems. The vulnerability allowed hackers to retrieve credentials and then access SharePoint servers kept at users' facilities, according to Microsoft. Cloud-based SharePoint software was safe from the problem, the company said. Eye Security determined that more than 400 computer systems were compromised by hackers during waves of attacks. Targets included government organizations in Europe, the Middle East and the United States - among them the US nuclear weapons agency, media reports indicated. "On-premises SharePoint deployments - particularly within government, schools, healthcare and large enterprise companies - are at immediate risk," cybersecurity firm Palo Alto Networks warned in a note. Microsoft has not disclosed the number of victims in the attacks. SharePoint had more than 200 million active users as of 2020, according to the most recent figures available from Microsoft. Microsoft has attributed the cyberattacks to groups backed by China. The culprits are believed to include Chinese state actors known as Linen Typhoon and Violet Typhoon along with a group called Storm-2603 which "is considered with moderate confidence to be a threat actor based in China." The Typhoon groups have been active for a decade or more, and are known for intellectual property theft as well as espionage, according to Microsoft. Less was known about Storm-2603 and its motives. "Investigations into other actors also using these exploits are ongoing," Microsoft said, urging users to patch SharePoint servers to avoid becoming hacking victims. Cybersecurity specialist Damien Bancal noted in a recent blog post that he found "ready-to-use exploit code" for the vulnerability at a popular website. The assault on SharePoint servers is the latest in a series of sophisticated attacks carried out by state-sponsored groups against "the Microsoft ecosystem," according to Bancal. In 2021, attacks by a Chinese hacker group known as Silk Typhoon compromised tens of thousands of email servers using Microsft Exchange software. Microsoft's success at making its software commonplace in offices and homes also makes it a prime target for hackers out to steal money or information. Microsoft software can hold sensitive and valuable information. "It's not Microsoft that is being targeted, it's its customers," said Shane Barney, head of information security at US-based Keeper. Targeting Microsoft programs is a means to an end, and tomorrow it could be software from another company, said Rodrigue Le Bayon, head of Orange Cyberdefense computer emergency response team. China is not the only nation backing hacker operations as countries around the world hone cyber capabilities, according to Le Bayon. Nevertheless, China is repeatedly singled out by companies and goverments hit by hacks.
Arab News
5 days ago
- Business
- Arab News
Risk highlighted as Chinese hackers hit Microsoft
PARIS : Software giant Microsoft is at the center of cybersecurity storm after China-linked hackers exploited flaws in SharePoint servers to target hundreds of organizations. While such cyberattacks are not new, the scale of the onslaught and the speed with which the hackers took advantage of freshly discovered vulnerabilities is fueling concern. Dutch startup Eye Security warned Saturday of online attacks targeting SharePoint file-sharing servers, with Microsoft quick to confirm the report and release patches to protect systems. The vulnerability allowed hackers to retrieve credentials and then access SharePoint servers kept at users' facilities, according to Microsoft. Cloud-based SharePoint software was safe from the problem, the company said. Eye Security determined that more than 400 computer systems were compromised by hackers during waves of attacks. Targets included government organizations in Europe, the Middle East and the United States — among them the US nuclear weapons agency, media reports indicated. 'On-premises SharePoint deployments — particularly within government, schools, health care and large enterprise companies — are at immediate risk,' cybersecurity firm Palo Alto Networks warned in a note. Microsoft has not disclosed the number of victims in the attacks. SharePoint had more than 200 million active users as of 2020, according to the most recent figures available from Microsoft. Microsoft has attributed the cyberattacks to groups backed by China. The culprits are believed to include Chinese state actors known as Linen Typhoon and Violet Typhoon along with a group called Storm-2603 which 'is considered with moderate confidence to be a threat actor based in China.' The Typhoon groups have been active for a decade or more, and are known for intellectual property theft as well as espionage, according to Microsoft. Less was known about Storm-2603 and its motives. 'Investigations into other actors also using these exploits are ongoing,' Microsoft said, urging users to patch SharePoint servers to avoid becoming hacking victims. Cybersecurity specialist Damien Bancal noted in a recent blog post that he found 'ready-to-use exploit code' for the vulnerability at a popular website. The assault on SharePoint servers is the latest in a series of sophisticated attacks carried out by state-sponsored groups against 'the Microsoft ecosystem,' according to Bancal. In 2021, attacks by a Chinese hacker group known as Silk Typhoon compromised tens of thousands of email servers using Microsft Exchange software. Microsoft's success at making its software commonplace in offices and homes also makes it a prime target for hackers out to steal money or information. Microsoft software can hold sensitive and valuable information. 'It's not Microsoft that is being targeted, it's its customers,' said Shane Barney, head of information security at US-based Keeper. Targeting Microsoft programs is a means to an end, and tomorrow it could be software from another company, said Rodrigue Le Bayon, head of Orange Cyberdefense computer emergency response team. China is not the only nation backing hacker operations as countries around the world hone cyber capabilities, according to Le Bayon. Nevertheless, China is repeatedly singled out by companies and goverments hit by hacks. Western countries have accused hacker groups allegedly supported by China of conducting a global cyber espionage campaign against figures critical of Beijing, democratic institutions, and companies in various sensitive sectors.
The Guardian
02-03-2025
- The Guardian
10 reasons to visit Spain in 2025: new holidays, hikes and cultural highlights
It is easy to avoid big resorts in the Canaries – the smaller islands have a handful of little towns with rural hotels dotted around. Hikers love lush La Gomera, with walks through the laurel forests in the Garajonay national park and along dramatic terraced hillsides overlooking the Atlantic. Headwater has a new self-guided walking holiday that goes across the island and explores gorges, valleys, palm groves and seaside villages. For independent travellers, the new Bancal hotel (doubles from £161, in San Sebastián de La Gomera is built into the hillside with views across the ocean. The hotel is partly solar powered and grows its own produce (with vegan options in the restaurant). Headwater's seven-night self-guided walking holiday costs from £1,239pp, based on two sharing, including breakfast and staying in small hotels and La Gomera's parador, To see the elegant city of Jerez at its glorious best, go when the horse fair is on (17-24 May, Women in their finest flamenco dresses and men in Cordovan hats parade in carriages around González Hontoria park, where the broad paths are lined with marquees decorated with flowers and paper lanterns, and packed with partying jerezanos. You do not need an invitation to go into the tents, unlike at the feria in Seville. Make a loose plan to visit a few bodegas and the sherry bars or tabancos in the town centre, where you will be clapping and tapping along with the flamenco performers before you know it. Stay at Hotel Palacio Garvey (doubles from £75 room-only), a grand 19th-century residence tucked away on a little square Anyone who has been to Barcelona knows how good the food is, but there are specialities to discover all over Catalonia, which has been selected as the World Region of Gastronomy 2025. A new holiday with Inntravel, A Stroll in the Pyrenees, combines walking with traditional Catalan cuisine. Stay in a smart rural hotel with a pool and spa near Ribes de Freser for a week, walking along mountain paths at your own pace and taking the rack railway up to Vall de Núria. From £1,050pp for seven nights, including some meals, Toledo, Segovia, El Escorial … there is no shortage of monument-jammed places to visit on a day trip from Madrid. The trouble is that this means other areas get overlooked, despite their many charms. This is certainly true of Guadalajara province, north-east of the capital, which is very popular with weekending Madrileños. This may change with the opening in May of a parador in the small town of Molina de Aragón, which has the second biggest castle in Spain. The parador is a new building, designed to blend into the landscape, with glass walls to give panoramic views of the 12th-century rates not yet released, Warhol, Pollock and Other American Spaces is showing at the Thyssen-Bornemisza museum from 21 October to 25 January 2026. The exhibition explores the connections between these two leading figures of 20th-century art, showing work that goes beyond the more obvious styles and techniques associated with them. Across the road at the Prado, temporary exhibitions include sculptures from Juan Muñoz (18 November to 8 March 2026) and Anton Raphael Mengs, the 'German Raphael' (25 November to 3 January 2026).Stay at Room Mate Alba, handy for museums, tapas bars and independent shops, doubles from £139, room-only, Experience a quieter side of Ibiza in spring and autumn by basing a trip on the seven new hiking routes in the north of the island. The walks follow the beautiful coast and go through the countryside, with a soundtrack of soothing birdsong rather than throbbing basslines. The Benirrás hike goes from Port de Sant Miquel to Can Marçà cove and along a path to Benirrás beach, before looping back to the starting point, a distance of 8 miles (13km). All the routes are under 13 miles, and some can be done by bike, with plenty of stops in villages and beach bars. Stay at Can Fuster, an agroturismo with a pool just outside Sant Joan de Labritja, doubles from £147, including breakfast, Although Alicante has been a hugely successful beach destination for decades, it is perhaps less well known as an area with some of the best food and wine in Spain. The laid-back Mediterranean city is this year's Spanish Capital of Gastronomy, providing a perfect excuse for a break eating rice dishes by the beach and tasting wines made in Alicante province. Start by ordering prawns at the bar at Nou Manolín, then move on to Cervecería Carvi (voted best tapas bar in 2024) for fideuà, a local seafood dish made with pasta instead of rice. And finish up at Taberna Alioli with an ensaladilla de alcachofas (artichoke salad). Foodie festivals and competitions will be taking place throughout the year. Stay at Serawa, a hotel that focuses on sustainability, with a shop and restaurant specialising in local produce and wines, doubles from £86, room-only, Rising temperatures mean that in summer Spain's Mediterranean resorts are too hot for many, and they are looking instead at northern Spain, which has a more comfortable climate and some of the country's best beaches. Vintage Travel has increased its range of villas in the Rías Baixas in Galicia to meet this demand. Bellavista, on the hillside overlooking the traditional seaside village of Raxó on the Ría de Pontevedra, sleeps eight and has a pool. With plenty of beaches and the towns of Combarro and Sanxenxo within a 10-minute drive, it makes a great base. A week in June costs £2,198, For a solo adventure around Spain, but in the company of a few like-minded travellers, G Adventures offers a nine-day trip, travelling by train from Barcelona to Seville, and stopping off in Madrid, Córdoba and Granada. There are walking tours, cookery classes and tapas trawls, but with plenty of free time to explore on your own. From £1,899, including accommodation in shared rooms (private rooms available on request) in small hotels, breakfasts and some meals, train journeys and local buses, The Spain Rail Pass has been relaunched this year, enabling foreign visitors to take between four and 10 journeys around the country within a month. Long journeys on high-speed services offer the best value for money. With a 10-journey pass (€450), an epic itinerary for British visitors could be from Barcelona down to Valencia; crossing the country to Córdoba and Seville; heading down to Málaga and visiting Granada; then heading up to Madrid and Segovia; on to Oviedo in Asturias on the north coast, and finishing in Santander, from where you can catch the ferry back to Plymouth or Portsmouth ( if you prefer not to fly.
