logo
#

Latest news with #cyberespionage

Researchers say Microsoft server hack has now hit 400 victims
Researchers say Microsoft server hack has now hit 400 victims

Free Malaysia Today

time6 days ago

  • Free Malaysia Today

Researchers say Microsoft server hack has now hit 400 victims

Microsoft says Chinese hackers are among those taking advantage of the flaw. (AP pic) WASHINGTON : A sweeping cyber-espionage campaign organisation centred on vulnerable versions of Microsoft's server software has now claimed about 400 victims, according to researchers at Netherlands-based Eye Security. The figure, which is derived from a count of digital artefacts discovered during scans of servers running vulnerable versions of Microsoft's SharePoint software, compares to 100 organisations catalogued over the weekend. Eye Security says the figure is likely an undercount. 'There are many more, because not all attack vectors have left artefacts that we could scan for,' said Vaisha Bernard, the chief hacker for Eye Security, which was among the first organisations to flag the breaches. The spy campaign kicked off after Microsoft failed to fully patch a security hole in its SharePoint server software, kicking off a scramble to fix the vulnerability when it was discovered. Microsoft and its tech rival, Google owner Alphabet, have both said Chinese hackers are among those taking advantage of the flaw. Beijing has denied the claim. The details of most of the victim organisations have not yet been fully disclosed. Bernard declined to identify them.

Microsoft says some SharePoint server hackers now using ransomware
Microsoft says some SharePoint server hackers now using ransomware

Al Arabiya

time6 days ago

  • Politics
  • Al Arabiya

Microsoft says some SharePoint server hackers now using ransomware

A cyber-espionage campaign centered on vulnerable versions of Microsoft's server software now involves the deployment of ransomware, Microsoft said in a late Wednesday blog post. In the post, citing 'expanded analysis and threat intelligence,' Microsoft said a group it dubs 'Storm-2603' is using the vulnerability to seed the ransomware, which typically works by paralyzing victims' networks until a digital currency payment is made. The disclosure marks a potential escalation in the campaign, which has already hit at least 400 victims, according to Netherlands-based cybersecurity firm Eye Security. Unlike typical state-backed hacker campaigns, which are aimed at stealing data, ransomware can cause widespread disruption depending on where it lands. The figure of 400 victims represents a sharp rise from the 100 organizations cataloged over the weekend. Eye Security says the figure is likely an undercount. 'There are many more, because not all attack vectors have left artifacts that we could scan for,' said Vaisha Bernard, the chief hacker for Eye Security, which was among the first organizations to flag the breaches. The details of most of the victim organizations have not yet been fully disclosed, but on Wednesday a representative for the National Institutes of Health confirmed that one of the organization's servers had been compromised. 'Additional servers were isolated as a precaution,' he said. The news of the compromise was first reported by the Washington Post. Other outlets said the hacking campaign had breached an even broader range of US agencies. NextGov, citing multiple people familiar with the matter, reported the Department of Homeland Security had been hit, along with more than five to 12 other agencies. Politico, which cited two US officials, said multiple agencies were believed to have been breached. DHS' cyberdefense arm, CISA, did not immediately return a message seeking comment on the reports. Microsoft did not immediately return a message seeking further details on the ransomware angle of the hacking or the reported government victims. The spy campaign began after Microsoft failed to fully patch a security hole in its SharePoint server software, kicking off a scramble to fix the vulnerability when it was discovered. Microsoft and its tech rival, Google-owner Alphabet, have both said Chinese hackers are among those taking advantage of the flaw. Beijing has denied the claim.

Microsoft says some SharePoint server hackers now use ransomware
Microsoft says some SharePoint server hackers now use ransomware

Zawya

time6 days ago

  • Business
  • Zawya

Microsoft says some SharePoint server hackers now use ransomware

WASHINGTON: A cyber-espionage campaign centered on vulnerable versions of Microsoft's server software now involves the deployment of ransomware, Microsoft said in a late Wednesday blog post. In the post, citing "expanded analysis and threat intelligence," Microsoft said a group it dubs "Storm-2603" is using the vulnerability to seed the ransomware, which typically works by paralyzing victims' networks until a digital currency payment is made. The disclosure marks a potential escalation in the campaign, which has already hit at least 400 victims, according to Netherlands-based cybersecurity firm Eye Security. Unlike typical state-backed hacker campaigns, which are aimed at stealing data, ransomware can cause widespread disruption depending on where it lands. The figure of 400 victims represents a sharp rise from the 100 organizations cataloged over the weekend. Eye Security says the figure is likely an undercount. "There are many more, because not all attack vectors have left artifacts that we could scan for," said Vaisha Bernard, the chief hacker for Eye Security, which was among the first organizations to flag the breaches. The details of most of the victim organizations have not yet been fully disclosed, but on Wednesday a representative for the National Institutes of Health confirmed that one of the organization's servers had been compromised. "Additional servers were isolated as a precaution," he said. The news of the compromise was first reported by the Washington Post. The spy campaign kicked off after Microsoft failed to fully patch a security hole in its SharePoint server software, kicking off a scramble to fix the vulnerability when it was discovered. Microsoft and its tech rival, Google owner Alphabet, have both said Chinese hackers are among those taking advantage of the flaw. Beijing has denied the claim. (Reporting by Raphael Satter; Editing by Mark Porter and Christopher Cushing)

Microsoft says some SharePoint server hackers now using ransomware
Microsoft says some SharePoint server hackers now using ransomware

Reuters

time6 days ago

  • Business
  • Reuters

Microsoft says some SharePoint server hackers now using ransomware

WASHINGTON, July 23 (Reuters) - A cyber-espionage campaign centered on vulnerable versions of Microsoft's (MSFT.O), opens new tab server software now involves the deployment of ransomware, Microsoft said in a late Wednesday blog post, opens new tab. In the post, citing "expanded analysis and threat intelligence," Microsoft said a group it dubs "Storm-2603" is using the vulnerability to seed the ransomware, which typically works by paralyzing victims' networks until a digital currency payment is made. The disclosure marks a potential escalation in the campaign, which has already hit at least 400 victims, according to Netherlands-based cybersecurity firm Eye Security. Unlike typical state-backed hacker campaigns, which are aimed at stealing data, ransomware can cause widespread disruption depending on where it lands. The figure of 400 victims represents a sharp rise from the 100 organizations cataloged over the weekend. Eye Security says the figure is likely an undercount. "There are many more, because not all attack vectors have left artifacts that we could scan for," said Vaisha Bernard, the chief hacker for Eye Security, which was among the first organizations to flag the breaches. The details of most of the victim organizations have not yet been fully disclosed, but on Wednesday a representative for the National Institutes of Health confirmed that one of the organization's servers had been compromised. "Additional servers were isolated as a precaution," he said. The news of the compromise was first reported by the Washington Post. Other outlets said the hacking campaign had breached an even broader range of U.S. agencies. NextGov, citing multiple people familiar with the matter, reported the Department of Homeland Security had been hit, opens new tab, along with more than five to 12 other agencies. Politico, which cited two U.S. officials, said multiple agencies were believed to have been breached, opens new tab. DHS' cyberdefense arm, CISA, did not immediately return a message seeking comment on the reports. Microsoft did not immediately return a message seeking further details on the ransomware angle of the hacking or the reported government victims. The spy campaign began after Microsoft failed to fully patch a security hole in its SharePoint server software, kicking off a scramble to fix the vulnerability when it was discovered. Microsoft and its tech rival, Google-owner Alphabet (GOOGL.O), opens new tab, have both said Chinese hackers are among those taking advantage of the flaw. Beijing has denied the claim.

DOWNLOAD THE APP

Get Started Now: Download the App

Ready to dive into a world of global content with local flavor? Download Daily8 app today from your preferred app store and start exploring.
app-storeplay-store