Microsoft Corp’s server software was exploited by unidentified hackers, with analysts warning of widespread cybersecurity breaches across the globe.
Microsoft said it had released a new security patch for customers to apply to their SharePoint servers “to mitigate active attacks targeting on-premises servers,” adding that it was working to roll out others.
The vulnerability allowed hackers to access file systems and internal configurations, as well as execute code, the US Cybersecurity and Infrastructure Security Agency said.
Photo: AP
Cybersecurity firms cautioned that a broad section of organizations around the world could be affected by the breach.
Cybersecurity firm Censys researcher Silas Cutler estimated that more than 10,000 companies with SharePoint servers were at risk.
The US had the largest number of those companies, followed by the Netherlands, the UK and Canada, he said.
“It’s a dream for ransomware operators, and a lot of attackers are going to be working this weekend as well,” he added.
Palo Alto Networks Inc warned that “these exploits are real, in-the-wild and pose a serious threat.”
Google Threat Intelligence Group in an e-mailed statement said it had observed hackers exploiting the vulnerability, adding that it allows “persistent, unauthenticated access and presents a significant risk to affected organizations.”
The Washington Post reported that the breach had affected US federal and state agencies, universities, energy companies and an Asian telecommunications company, citing state officials and private researchers.
Researchers at Eye Security were the first to identify the vulnerability, which allows hackers to access SharePoint servers and steal keys that can let them impersonate users or services even after the server is patched.
The company said hackers could maintain access through backdoors or modified components that could survive updates and reboots of systems.
Microsoft has faced a series of recent cyberattacks, warning in March that Chinese hackers were targeting remote management tools and cloud applications to spy on a range of companies and organizations in the US and abroad.
The Cyber Safety Review Board, a White House-mandated group designed to examine major cyberattacks, last year said that Microsoft’s security culture was “inadequate,” following the 2023 hack of the company’s Exchange Online mailboxes. In that incident, hackers were able to breach 22 organizations and hundreds of people including former US secretary of commerce Gina Raimondo.
UNCERTAINTIES: Exports surged 34.1% and private investment grew 7.03% to outpace expectations in the first half, although US tariffs could stall momentum The Chung-Hua Institution for Economic Research (CIER, 中華經濟研究院) yesterday raised its GDP growth forecast to 3.05 percent this year on a robust first-half performance, but warned that US tariff threats and external uncertainty could stall momentum in the second half of the year. “The first half proved exceptionally strong, allowing room for optimism,” CIER president Lien Hsien-ming (連賢明) said. “But the growth momentum may slow moving forward due to US tariffs.” The tariff threat poses definite downside risks, although the scale of the impact remains unclear given the unpredictability of US President Donald Trump’s policies, Lien said. Despite the headwinds, Taiwan is likely
When Lika Megreladze was a child, life in her native western Georgian region of Guria revolved around tea. Her mother worked for decades as a scientist at the Soviet Union’s Institute of Tea and Subtropical Crops in the village of Anaseuli, Georgia, perfecting cultivation methods for a Georgian tea industry that supplied the bulk of the vast communist state’s brews. “When I was a child, this was only my mum’s workplace. Only later I realized that it was something big,” she said. Now, the institute lies abandoned. Yellowed papers are strewn around its decaying corridors, and a statue of Soviet founder Vladimir Lenin
READY TO BUY: Shortly after Nvidia announced the approval, Chinese firms scrambled to order the H20 GPUs, which the company must send to the US government for approval Nvidia Corp chief executive officer Jensen Huang (黃仁勳) late on Monday said the technology giant has won approval from US President Donald Trump’s administration to sell its advanced H20 graphics processing units (GPUs) used to develop artificial intelligence (AI) to China. The news came in a company blog post late on Monday and Huang also spoke about the coup on China’s state-run China Global Television Network in remarks shown on X. “The US government has assured Nvidia that licenses will be granted, and Nvidia hopes to start deliveries soon,” the post said. “Today, I’m announcing that the US government has approved for us
UNIFYING OPPOSITION: Numerous companies have registered complaints over the potential levies, bringing together rival automakers in voicing their reservations US President Donald Trump is readying plans for industry-specific tariffs to kick in alongside his country-by-country duties in two weeks, ramping up his push to reshape the US’ standing in the global trading system by penalizing purchases from abroad. Administration officials could release details of Trump’s planned 50 percent duty on copper in the days before they are set to take effect on Friday next week, a person familiar with the matter said. That is the same date Trump’s “reciprocal” levies on products from more than 100 nations are slated to begin. Trump on Tuesday said that he is likely to impose tariffs
RSS