Latest news with #securityvulnerability
Khaleej Times
23-07-2025
- Khaleej Times
Microsoft server hack has now hit 400 victims, researchers say
A sweeping cyber-espionage campaign organisation centered on vulnerable versions of Microsoft's server software has now claimed about 400 victims, according to researchers at Netherlands-based Eye Security. The figure, which is derived from a count of digital artifacts discovered during scans of servers running vulnerable versions of Microsoft's SharePoint software, compares to 100 organisations cataloged over the weekend. Eye Security says the figure is likely an undercount. "There are many more, because not all attack vectors have left artifacts that we could scan for," said Vaisha Bernard, the chief hacker for Eye Security, which was among the first organisations to flag the breaches. The spy campaign kicked off after Microsoft failed to fully patch a security hole in its SharePoint server software, kicking off a scramble to fix the vulnerability when it was discovered. Microsoft and its tech rival, Google owner Alphabet, have both said Chinese hackers are among those taking advantage of the flaw. Beijing has denied the claim. The details of most of the victim organisations have not yet been fully disclosed. Bernard declined to identify them.
Yahoo
21-07-2025
- Yahoo
Microsoft Sharepoint server vulnerability puts an estimated 10,000 organizations at risk
A major zero-day security vulnerability in Microsoft's widely used SharePoint server software has been exploited by hackers, causing chaos within businesses and government agencies, multipleoutlets have reported. Microsoft announced that it had released a new security patch "to mitigate active attacks targeting on-premises [and not online] servers," but the breach has already effected universities, energy companies, federal and state agencies and telecommunications firms. The SharePoint flaw is a serious one, allowing hackers to access file systems and internal configurations or even execute code, to completely take over systems. The flaw could put more than 10,000 companies at risk, Cybersecurity company Censys told The Washington Post. "It's a dream for ransomeware operators, and a lot of attackers are going to be working this weekend as well." Google's Threat Intelligence Group added that the flaw allows "persistent, unauthenticated access that can bypass future patching." The US Cybersecurity and Infrastucture Security agency (CISA) said that any servers affected by the exploit should be disconnected from the internet until a full patch arrives. It added that the impact of the attacks is still being probed. The vulnerability was first spotted by Eye Security, which said the flaw allows hackers to access SharePoint servers and steal keys in order to impersonate users or services. "Because SharePoint often connects to core services like Outlook, Teams, and OneDrive, a breach can quickly lead to data theft, password harvesting, and lateral movement across the network," Eye Security wrote in a blog post. The FBI is aware of the attack and is working closely with government and private sector partners. It's not immediately clear which groups are behind the zero-day hacks. In any case, the attack is liable to put Microsoft under the microscope again. A 2023 breach of Exchange Online mailboxes led the White House's Cyber Safety Review Board to declare that Microsoft's security culture was "inadequate."
