Researchers suggest that a leak of exploit details, possibly from a Pwn2Own competition, allowed attackers including Chinese spies and ransomware groups to exploit vulnerabilities in Microsoft SharePoint before patches could fully prevent the attacks, leading to widespread compromises and ongoing security concerns.
The US National Nuclear Security Administration was reportedly breached through a zero-day vulnerability in on-premises Microsoft SharePoint software, exploited by Chinese-affiliated hacking groups. Despite the breach, no sensitive information was leaked, and Microsoft has patched the flaw. The incident highlights ongoing cybersecurity risks associated with SharePoint vulnerabilities.
The US National Nuclear Security Administration was breached through a Microsoft SharePoint zero-day vulnerability, with Chinese state-sponsored hackers exploiting the flaw to access various government and private organizations, though no sensitive nuclear information was reportedly compromised.
Hackers are exploiting a zero-day vulnerability in Microsoft SharePoint servers, putting tens of thousands of on-premises servers at risk of data theft and unauthorized access. Microsoft has issued patches for some versions and is working on others, while authorities advise disconnecting affected servers from the internet until secured.
A functional exploit for a critical Microsoft SharePoint vulnerability, CVE-2023-29357, is reportedly in the hands of a ransomware group, even though the vulnerability has been added to the US's must-patch list. The vulnerability, which can be used to achieve remote code execution, was first identified in June 2023 and has been actively exploited by cybercriminals. Security experts warn that organizations need to manually apply the SharePoint-specific patches, as simply applying the June 2023 Patch Tuesday updates won't automatically protect their systems.
CISA warns of active exploitation of a critical Microsoft SharePoint privilege escalation vulnerability (CVE-2023-29357) that allows attackers to gain admin privileges by spoofing JWT auth tokens. This flaw can be chained with another critical bug (CVE-2023-24955) for remote code execution. A proof-of-concept exploit has been released on GitHub, and other PoC exploits have surfaced online, making it easier for threat actors to deploy attacks. CISA has added the vulnerability to its Known Exploited Vulnerabilities Catalog and mandated that U.S. federal agencies patch it by January 31.
CISA has identified an actively exploited critical security vulnerability in Microsoft SharePoint Server, allowing attackers to gain administrator privileges. The vulnerability, CVE-2023-29357, was demonstrated at a hacking contest and combines authentication bypass with a code injection bug. Federal agencies are urged to apply patches by January 31, 2024, to protect against this threat.