Global Cyber Espionage Hits Microsoft SharePoint Servers
A large-scale cyber espionage campaign has compromised around 100 different organizations using Microsoft server software. Dubbed a 'zero-day' attack, this operation has affected government and private institutions primarily in the U.S. and Germany and exploits undisclosed vulnerabilities in SharePoint servers to gain unauthorized access.
A sweeping cyber espionage campaign has compromised Microsoft SharePoint servers, affecting approximately 100 organizations as of the weekend, according to two entities involved in uncovering the operation. Microsoft issued an alert on Saturday about active attacks targeting self-hosted SharePoint servers, which are essential for document sharing and collaboration in numerous organizations.
Labeled a 'zero-day' exploit due to its use of a previously unknown vulnerability, the hack allows espionage actors to infiltrate vulnerable servers. Vaisha Bernard from Eye Security, the firm that discovered the attack, revealed through an internet scan done with the Shadowserver Foundation that almost 100 entities had been targeted, even before the attack technique became widely known.
The exploitation appears to specifically target a narrow set of government-related organizations, with potential victims extending into thousands globally. Significant entities among the victims include government bodies, industrial firms, banks, and healthcare companies. Sophos' Rafe Pilling warned of potential escalation, while Microsoft encourages users to install patches promptly as the identity of the attackers remains uncertain.
(With inputs from agencies.)
Google News