Latest news with #U.S.CybersecurityandInfrastructureSecurityAgency
Boston Globe
29-07-2025
- Politics
- Boston Globe
Tim Walz activates Minnesota National Guard as officials respond to St. Paul cyberattack
City officials said they have yet to ascertain whether sensitive data had been stolen. Emergency services, including police response systems, were not crippled by the attack, the city said in a statement. The shutdown meant that city employees did not have access to the internet in municipal buildings, and that routine services such as library loans and online payment systems were inaccessible. Get Starting Point A guide through the most important stories of the morning, delivered Monday through Friday. Enter Email Sign Up Large and small cities across the United States, along with school systems and hospitals, have been targeted in cyberattacks in recent years. Such attacks are often carried out by individuals who compromise networks and encrypt data, then demand ransom payments in order to restore access. Advertisement Attackers sometimes steal sensitive data -- such as credit card information -- that they can later sell online. St. Paul officials said they detected unusual activity on their network Friday morning and eventually realized the city's networks had been breached. Deeming it a serious attack, they sought help from the governor and federal law enforcement agencies as well as cybersecurity companies. Advertisement Walz issued an executive order Tuesday directing the National Guard to assign military computer experts to assist officials in St. Paul. In the order, Walz said 'the scale and complexity of this incident exceeded both internal and commercial response capabilities.' Ransomware attacks have become a growing menace for municipal governments. One that targeted Atlanta in 2018 resulted in losses worth millions of dollars, according to federal prosecutors who charged two Iranian men in that case. In recent weeks, cyberattacks have crippled municipal networks in Texas, Oklahoma and Puerto Rico. In late June, the U.S. Cybersecurity and Infrastructure Security Agency issued a statement urging officials who control sensitive computer systems to 'to stay vigilant to Iranian-affiliated cyber actors that may target U.S. devices and networks.' This article originally appeared in .
New York Times
29-07-2025
- Politics
- New York Times
St. Paul Hobbled by Cyberattack, Prompting National Guard Response
Gov. Tim Walz of Minnesota on Tuesday activated the state National Guard to help officials in St. Paul, the capital, respond to a complex cyberattack that was first detected on Friday. Mayor Melvin Carter of St. Paul said the city had shut down the bulk of its computer systems as a defensive measure as state and federal investigators tackled what he called 'a deliberate, coordinated digital attack, carried out by a sophisticated external actor.' Mr. Carter said that the F.B.I. and several state agencies were helping assess who was behind the attack. He declined to say whether ransom had been demanded or whether there was any evidence suggesting a foreign government was behind the attack. City officials said they have yet to ascertain whether sensitive data had been stolen. Emergency services, including police response systems, were not crippled by the attack, the city said in a statement. The shutdown meant that city employees did not have access to the internet in municipal buildings, and that routine services such as library loans and online payment systems were inaccessible. Large and small cities across the United States, along with school systems and hospitals, have been targeted in cyberattacks in recent years. Such attacks are often carried out by individuals who compromise networks and encrypt data, then demand ransom payments in order to restore access. Attackers sometimes steal sensitive data — such as credit card information — that they can later sell online. St. Paul officials said they detected unusual activity on their network Friday morning and eventually realized the city's networks had been breached. Deeming it a serious attack, they sought help from the governor and federal law enforcement agencies as well as cybersecurity companies. Mr. Walz issued an executive order on Tuesday directing the National Guard to assign military computer experts to assist officials in St. Paul. In the order, Mr. Walz said that 'the scale and complexity of this incident exceeded both internal and commercial response capabilities.' Ransomware attacks have become a growing menace for municipal governments. One that targeted Atlanta in 2018 resulted in losses worth millions of dollars, according to federal prosecutors who charged two Iranian men in that case. In recent weeks, cyberattacks have crippled municipal networks in Texas, Oklahoma and Puerto Rico. In late June, the U.S. Cybersecurity and Infrastructure Security Agency issued a statement urging officials who control sensitive computer systems to 'to stay vigilant to Iranian-affiliated cyber actors that may target U.S. devices and networks.'
Time of India
21-07-2025
- Business
- Time of India
What to know about a vulnerability being exploited on Microsoft SharePoint servers
Academy Empower your mind, elevate your skills Microsoft has issued an emergency fix to close off a vulnerability in Microsoft's SharePoint software that hackers have exploited to carry out widespread attacks on businesses and at least some federal company issued an alert to customers Saturday saying it was aware of the zero-day exploit being used to conduct attacks and that it was working to patch the issue. Microsoft updated its guidance Sunday with instructions to fix the problem for SharePoint Server 2019 and SharePoint Server Subscription Edition. Engineers were still working on a fix for the older SharePoint Server 2016 is a zero-day exploit? A zero-day exploit is a cyberattack that takes advantage of a previously unknown security vulnerability. "Zero-day" refers to the fact that the security engineers have had zero days to develop a fix for the to the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the exploit affecting SharePoint is "a variant of the existing vulnerability CVE-2025-49706 and poses a risk to organizations with on-premise SharePoint servers."Security researchers warn that the exploit, reportedly known as "ToolShell," is a serious one and can allow actors to fully access SharePoint file systems, including services connected to SharePoint, such as Teams and Threat Intelligence Group warned that the vulnerability may allow bad actors to "bypass future patching."How widespread is the impact? Eye Security said in its blog post that it scanned over 8,000 SharePoint servers worldwide and discovered that at least dozens of systems were compromised. The cybersecurity company said the attacks likely began on July the scope of the attack is still being assessed, CISA warned that the impact could be widespread and recommended that any servers impacted by the exploit should be disconnected from the internet until they are patched.
Arab Times
21-07-2025
- Business
- Arab Times
Microsoft releases urgent fix for SharePoint vulnerability being used in global cyberattacks
NEW YORK, July 21, (AP): Microsoft has issued an emergency fix to close off a vulnerability in Microsoft's SharePoint software that hackers have exploited to carry out widespread attacks on businesses and at least some federal agencies. The company issued an alert to customers Saturday saying it was aware of the zero-day exploit - where hackers take advantage of a previously unknown vulnerability - being used to conduct attacks and that it was working to patch the issue. Microsoft updated its guidance Sunday with instructions to fix the problem for SharePoint Server 2019 and SharePoint Server Subscription Edition. Engineers were still working on a fix for the older SharePoint Server 2016 software. Cyber criminals often use zero-day exploits to steal sensitive data and passwords. The vulnerability also could allow hackers to access services connected to SharePoint, including OneDrive and Teams. The company said in its blog post that it discovered at least dozens of systems were compromised around the world. Security engineers stated the attacks occurred in waves on July 18 and 19. Although the scope of the attack is still being assessed, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that the impact could be widespread and recommended that any servers impacted by the exploit should be disconnected from the internet until they are patched.
Washington Post
21-07-2025
- Business
- Washington Post
Microsoft releases urgent fix for Sharepoint vulnerability being used in global cyberattacks
NEW YORK — Microsoft has issued an emergency fix to close off a vulnerability in Microsoft's SharePoint software that hackers have exploited to carry out widespread attacks on businesses and at least some federal agencies. The company issued an alert to customers Saturday saying it was aware of the zero-day exploit — where hackers take advantage of a previously unknown vulnerability — being used to conduct attacks and that it was working to patch the issue. Microsoft updated its guidance Sunday with instructions to fix the problem for SharePoint Server 2019 and SharePoint Server Subscription Edition. Engineers were still working on a fix for the older SharePoint Server 2016 software. Cyber criminals often use zero-day exploits to steal sensitive data and passwords. The vulnerability also could allow hackers to access services connected to SharePoint, including OneDrive and Teams. The company said in its blog post that it discovered at least dozens of systems were compromised around the world. Security engineers stated the attacks occurred in waves on July 18 and 19. Although the scope of the attack is still being assessed, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that the impact could be widespread and recommended that any servers impacted by the exploit should be disconnected from the internet until they are patched.
