Attacks exploiting a Microsoft SharePoint zero-day vulnerability have compromised nearly 100 organizations over the weekend, reports Reuters.
The U.S. and Germany were most affected by the intrusions, according to The Shadowserver Foundation, which estimates that at least 9,000 SharePoint servers belonging to government entities, industrial firms, banks, and healthcare organizations have already been infiltrated. Additional details regarding the intrusion and its impact remain uncertain, with the FBI only noting ongoing collaboration with federal and private sector partners. However, Google suspects the illicit activity to have been conducted by a China-linked threat actor. Such a development comes after Microsoft warned of ongoing intrusions against self-hosted SharePoint instances, while emphasizing that there has been no impact on servers hosted by its own servers. "The SharePoint incident appears to have created a broad level of compromise across a range of servers globally. Taking an assumed breach approach is wise, and it's also important to understand that just applying the patch isn't all that is required here," said PwnDefend's Daniel Card.
The U.S. and Germany were most affected by the intrusions, according to The Shadowserver Foundation, which estimates that at least 9,000 SharePoint servers belonging to government entities, industrial firms, banks, and healthcare organizations have already been infiltrated. Additional details regarding the intrusion and its impact remain uncertain, with the FBI only noting ongoing collaboration with federal and private sector partners. However, Google suspects the illicit activity to have been conducted by a China-linked threat actor. Such a development comes after Microsoft warned of ongoing intrusions against self-hosted SharePoint instances, while emphasizing that there has been no impact on servers hosted by its own servers. "The SharePoint incident appears to have created a broad level of compromise across a range of servers globally. Taking an assumed breach approach is wise, and it's also important to understand that just applying the patch isn't all that is required here," said PwnDefend's Daniel Card.




