News

Microsoft grapples with another security breach: The latest on the SharePoint attacks

Microsoft confirms Chinese hackers exploited a SharePoint flaw; Patches now available. Cloud-based Microsoft 365 not affected ...
Microsoft7d

Disrupting active exploitation of on-premises SharePoint vulnerabilities

Microsoft has observed two named Chinese nation-state actors, Linen Typhoon and Violet Typhoon, exploiting vulnerabilities ...

Microsoft SharePoint under 'active exploitation,' Homeland Security's CISA says

Microsoft said the company has been "coordinating closely with CISA, DOD Cyber Defense Command, and key cybersecurity ...
ZAWYA5h

Kaspersky reveals SharePoint ToolShell vulnerabilities stem from incomplete 2020 fix

Kaspersky GReAT researchers analyzed the published ToolShell exploit and found it alarmingly similar to the 2020 ...

Microsoft SharePoint attack now sees victim count rises to 400 organizations, including US nuclear agency

New estimates regarding the recently-exploited Microsoft SharePoint vulnerabilities now evaluate that as many as 400 ...
CPO Magazine3d

Microsoft Releases Emergency Updates Amid Active Exploitation of SharePoint Zero-Day Vulnerability Chain

Microsoft has released security patches for the zero-day vulnerability chain dubbed ToolShell, capable of remote code ...
Hackaday3d

This Week In Security: Sharepoint, Initramfs, And More

There was a disturbance in the enterprise security world, and it started with a Pwn2Own Berlin. [Khoa Dinh] and the team at ...

Microsoft probing if Chinese hackers learned SharePoint flaws through alert, Bloomberg News reports

Microsoft is investigating whether a leak from its early alert system for cybersecurity companies allowed Chinese hackers to ...

Critical Sharepoint security vulnerability: First patches are available

Microsoft has now released a patch, but attackers were not idle over the weekend. Dozens of SharePoint installations fell ...

Microsoft knew of SharePoint security flaw but failed to effectively patch it, timeline shows

A security patch Microsoft (MSFT.O), opens new tab released this month failed to fully fix a critical flaw in the U.S. tech ...
JD Supra3d

SharePoint Server Vulnerabilities Exploited Despite Emergency Patch

Microsoft has confirmed that vulnerabilities in its on-premises SharePoint Server installations, a network spoofing vulnerability (CVE-202549706), ...

A Microsoft SharePoint 0-Day Security Vulnerability Was Just Weaponized At Scale

Microsoft Systems administrators everywhere, it looks like you get a Patch Monday as a side dish to the usual Patch Tuesday ...