(Surprise, surprise.)
From:
https://tinyurl.com/3vmvzsxs (newsmax.com)
===
Hackers Penetrate Another Microsoft Product
By Brian Freeman | Sunday, 20 July 2025 07:55 PM EDT
Hackers launched a global attack on government agencies and businesses
over the last several days by exploiting a security flaw in widely used
Microsoft server software, The Washington Post reported on Sunday.
The U.S. government, along with partners in Canada and Australia, are
probing the compromise of SharePoint servers, which provide a platform for
sharing and managing documents.
Victims worldwide have been left to scramble to respond as tens of
thousands of such servers are at risk, experts said, and Microsoft has
issued no patch for the flaw.
This attack is only the latest cybersecurity embarrassment for Microsoft.
Last year, the company was criticized by a panel of U.S. government and
industry experts for lapses that allowed a 2023 targeted Chinese hack of
U.S. government emails, including those of then-Commerce Secretary Gina
Raimondo.
This most recent attack compromises only those servers housed within an
organization - not those in the cloud, such as Microsoft 365, officials
told the Post. Microsoft has suggested that users make modifications to
SharePoint server programs or unplug them from the internet in order to
halt the breach.
"We are seeing attempts to exploit thousands of SharePoint servers
globally before a patch is available," said Pete Renals, a senior manager
with Palo Alto Networks' Unit 42. "We have identified dozens of
compromised organizations spanning both commercial and government
sectors."
Such a breach can lead to theft of sensitive data as well as password
harvesting, Netherlands-based research company Eye Security pointed out.
Another problem is it was not immediately clear who is behind the hacking
or what its ultimate goal is. Eye Security said it has tracked more than
50 breaches, including at an energy firm in a large state and several
European government agencies.
At least two U.S. federal agencies have seen their servers breached,
according to researchers, who said victim confidentiality agreements
prevent them from naming the targets.
One state official in the eastern U.S. said the attackers had "hijacked" a
repository of documents provided to the public to help residents
understand how their government works.
Such "wiper" attacks are rare, and this one left officials alarmed in
other states as word spread.
The breaches took place after Microsoft repaired a security flaw earlier
this month, but the attackers realized they could use a similar
vulnerability, according to the Department of Homeland Security's
Cybersecurity and Infrastructure Security Agency.
CISA spokeswoman Marci McCarthy said the agency was alerted to the issue
Friday by a cyber research firm and immediately informed Microsoft.
On Friday, Microsoft said it would stop using China-based engineers to
back Defense Department cloud-computing programs after a report by
investigative outlet ProPublica revealed the practice, which led Defense
Secretary Pete Hegseth to order a review of Pentagon cloud deals.
Others that were breached included a government agency in Spain, a local
agency in Albuquerque, and a university in Brazil, security researchers
said.
===
-- Sean
--- FleetStreet 1.27.1
* Origin: Outpost BBS Local Console * bbs.outpostbbs.net:10323 (618:618/1)