Microsoft has issued a warning about "active attacks" on self-hosted SharePoint servers, which many organizations use for document sharing and internal collaboration. Versions of SharePoint running on Microsoft servers are not affected.
Called “zero-day” because it exploits a previously undisclosed digital weakness, the attacks allow spies to infiltrate vulnerable servers and potentially create a backdoor to secure persistent access to victim organizations.
Hackers used a "zero-day" technique based on Microsoft's Sharepoint platform to install the backdoor. Photo: The Winon
Vaisha Bernard, chief hacker at Eye Security, a cybersecurity company based in the Netherlands, discovered the cyberattack campaign targeting one of its clients on Friday. An internet scan conducted with the Shadowserver Foundation uncovered nearly 100 victims — and that was before the technique behind the attack became widely known.
“Obviously,” Bernard said. “Who knows what other adversaries have done to install more backdoors.”
He declined to name the affected organisations and said relevant national authorities had been informed.
The Shadowserver Foundation confirmed the 100 figure. The organization said most of those affected were in the United States and Germany, and victims included government organizations.
More than 100 organizations including government agencies, mainly from the US and Germany, were affected by the attack. Photo: Microsoft Media
So far, the espionage appears to have been carried out by one or a group of hackers, another researcher said.
“It’s likely that this will change very quickly,” said Rafe Pilling, director of Threat Intelligence at Sophos, a British cybersecurity company.
Microsoft said it has "provided security updates and encouraged customers to install them," a company spokesperson said in an emailed statement.
It is not yet clear who is behind the ongoing cyberattack, but Alphabet's Google, which has the ability to monitor a wide range of internet traffic, said it has linked at least some of the attacks to "a threat actor with links to China."
Last week, Microsoft also got into a major scandal when its secret surveillance program with the US Department of Defense was exposed, in which a Chinese engineer was recruited simply by submitting an online application.
Source: https://khoahocdoisong.vn/microsoft-bi-tan-cong-100-to-chuc-bi-anh-huong-post1556496.html
Comment (0)