Latest news with #VaishaBernard
Khaleej Times
18 minutes ago
- Khaleej Times
Microsoft server hack has now hit 400 victims, researchers say
A sweeping cyber-espionage campaign organisation centered on vulnerable versions of Microsoft's server software has now claimed about 400 victims, according to researchers at Netherlands-based Eye Security. The figure, which is derived from a count of digital artifacts discovered during scans of servers running vulnerable versions of Microsoft's SharePoint software, compares to 100 organisations cataloged over the weekend. Eye Security says the figure is likely an undercount. "There are many more, because not all attack vectors have left artifacts that we could scan for," said Vaisha Bernard, the chief hacker for Eye Security, which was among the first organisations to flag the breaches. The spy campaign kicked off after Microsoft failed to fully patch a security hole in its SharePoint server software, kicking off a scramble to fix the vulnerability when it was discovered. Microsoft and its tech rival, Google owner Alphabet, have both said Chinese hackers are among those taking advantage of the flaw. Beijing has denied the claim. The details of most of the victim organisations have not yet been fully disclosed. Bernard declined to identify them.
The Star
19 minutes ago
- Business
- The Star
Microsoft server hack has now hit 400 victims, researchers say
FILE PHOTO: A view shows a Microsoft logo at Microsoft offices in Issy-les-Moulineaux near Paris, France, March 25, 2024. REUTERS/Gonzalo Fuentes/File photo WASHINGTON (Reuters) -A sweeping cyber-espionage campaign organization centered on vulnerable versions of Microsoft's server software has now claimed about 400 victims, according to researchers at Netherlands-based Eye Security. The figure, which is derived from a count of digital artifacts discovered during scans of servers running vulnerable versions of Microsoft's SharePoint software, compares to 100 organizations cataloged over the weekend. Eye Security says the figure is likely an undercount. "There are many more, because not all attack vectors have left artifacts that we could scan for," said Vaisha Bernard, the chief hacker for Eye Security, which was among the first organizations to flag the breaches. The spy campaign kicked off after Microsoft failed to fully patch a security hole in its SharePoint server software, kicking off a scramble to fix the vulnerability when it was discovered. Microsoft and its tech rival, Google owner Alphabet , have both said Chinese hackers are among those taking advantage of the flaw. Beijing has denied the claim. The details of most of the victim organizations have not yet been fully disclosed. Bernard declined to identify them. (Reporting by Raphael Satter; Editing by Jan Harvey and Mark Porter)
Reuters
an hour ago
- Reuters
Microsoft server hack has now hit 400 victims, researchers say
WASHINGTON, July 23 (Reuters) - A sweeping cyber-espionage campaign organization centered on vulnerable versions of Microsoft's (MSFT.O), opens new tab server software has now claimed about 400 victims, according to researchers at Netherlands-based Eye Security. The figure, which is derived from a count of digital artifacts discovered during scans of servers running vulnerable versions of Microsoft's SharePoint software, compares to 100 organizations cataloged over the weekend. Eye Security says the figure is likely an undercount. "There are many more, because not all attack vectors have left artifacts that we could scan for," said Vaisha Bernard, the chief hacker for Eye Security, which was among the first organizations to flag the breaches. The spy campaign kicked off after Microsoft failed to fully patch a security hole in its SharePoint server software, kicking off a scramble to fix the vulnerability when it was discovered. Microsoft and its tech rival, Google owner Alphabet (GOOGL.O), opens new tab, have both said Chinese hackers are among those taking advantage of the flaw. Beijing has denied the claim. The details of most of the victim organizations have not yet been fully disclosed. Bernard declined to identify them.
CNA
an hour ago
- Business
- CNA
Microsoft server hack has now hit 400 victims, researchers say
WASHINGTON :A sweeping cyber-espionage campaign organization centered on vulnerable versions of Microsoft's server software has now claimed about 400 victims, according to researchers at Netherlands-based Eye Security. The figure, which is derived from a count of digital artifacts discovered during scans of servers running vulnerable versions of Microsoft's SharePoint software, compares to 100 organizations cataloged over the weekend. Eye Security says the figure is likely an undercount. "There are many more, because not all attack vectors have left artifacts that we could scan for," said Vaisha Bernard, the chief hacker for Eye Security, which was among the first organizations to flag the breaches. The spy campaign kicked off after Microsoft failed to fully patch a security hole in its SharePoint server software, kicking off a scramble to fix the vulnerability when it was discovered. Microsoft and its tech rival, Google owner Alphabet , have both said Chinese hackers are among those taking advantage of the flaw. Beijing has denied the claim.
Business Times
2 hours ago
- Business
- Business Times
Tally of Microsoft victims surges to 400 as hackers capitalise on SharePoint flaw
[WASHINGTON] The number of companies and organisations compromised by a security vulnerability in Microsoft's SharePoint servers is increasing rapidly, with the tally of victims soaring more than six-fold in a few days, according to one research firm. Hackers have breached about 400 government agencies, corporations and other groups, according to estimates from Eye Security, the Dutch cybersecurity company that identified an early wave of the attacks last week. That's up from roughly 60 based on its previous estimate provided to Bloomberg News on Tuesday. The security firm said that most of the victims are in the US, followed by Mauritius, Jordan, South Africa and the Netherlands. The National Nuclear Security Administration, the US agency responsible for maintaining and designing the nation's cache of nuclear weapons, was among those breached, Bloomberg reported earlier. The hacks are among the latest major breaches that Microsoft has blamed, at least in part, on China and come amid heightened tensions between Washington and Beijing over global security and trade. The US has repeatedly criticised China for campaigns that have allegedly stolen government and corporate secrets over a period spanning decades. 'We estimate that the real number might be much higher as there can be many more hidden ways to compromise servers that do not leave traces,' Eye Security's co-owner Vaisha Bernard said in an email to Bloomberg News. 'This is still developing, and other opportunistic adversaries continue to exploit vulnerable servers.' The organisations compromised in the SharePoint breaches include many working in government, education, and technology services, Bernard said. There were smaller numbers of victims in countries across Europe, Asia, the Middle East and South America. BT in your inbox Start and end each day with the latest news stories and analyses delivered straight to your inbox. Sign Up Sign Up US Treasury Secretary Scott Bessent, who is set to meet his Chinese counterparts in Stockholm next week for a third round of trade talks, suggested in a Bloomberg Television interview on Wednesday (Jul 23) that the SharePoint hacks will be discussed. 'Obviously things like that will be on the agenda with my Chinese counterparts,' he said. The security flaws allow hackers to access SharePoint servers and steal keys that can let them impersonate users or services, potentially enabling deep access into compromised networks to steal confidential data. Microsoft has issued patches to fix the vulnerabilities, but researchers cautioned that hackers may have already got a foothold into many servers. Microsoft on Tuesday accused Chinese state-sponsored hackers known as Linen Typhoon and Violet Typhoon of being behind the attacks. Another hacking group based in China, which Microsoft calls Storm-2603, also exploited them, according to the company. The Redmond, Washington company has repeatedly blamed China for major cyberattacks. In 2021, an alleged Chinese operation compromised tens of thousands of Microsoft Exchange servers. In 2023, another alleged Chinese attack on Microsoft Exchange compromised senior US officials' email accounts. A US government review later accused Microsoft of a 'cascade of security failures' over the 2023 incident. Eugenio Benincasa, a researcher at ETH Zurich's Center for Security Studies who specialises in analysing Chinese cyberattacks, said members of the groups identified by Microsoft had previously been indicted in the US for their alleged involvement in hacking campaigns targeting US organisations. They are well known for their 'extensive espionage,' he said. It's likely that the SharePoint breaches are being carried out by proxy groups that work with the government rather than Chinese government agencies directly carrying out the hacking, according to Benincasa. Private hacking companies in the country sometimes participate in 'hacker for hire' operations, he added. 'Now that at least three groups have reportedly exploited the same vulnerability, it's plausible more could follow,' he said. 'Cybersecurity is a common challenge faced by all countries and should be addressed jointly through dialogue and cooperation,' said Chinese Foreign Ministry spokesman Guo Jiakun. 'China opposes and fights hacking activities in accordance with the law. At the same time, we oppose smears and attacks against China under the excuse of cybersecurity issues.' According to Microsoft, the hacking group Linen Typhoon was first identified in 2012, and is focused on stealing intellectual property, primarily targeting organisations related to government, defence, strategic planning, and human rights. Violet Typhoon, first observed in 2015, was 'dedicated to espionage' and primarily targeted former government and military personnel, non-governmental organisations, as well as media and education sectors in the US, Europe, and East Asia. The hackers have also used the SharePoint flaws to break into systems belonging to the US Education Department, Florida's Department of Revenue and the Rhode Island General Assembly, Bloomberg previously reported. BLOOMBERG
