Vulnerability Management, Threat Intelligence

Almost 100 orgs impacted by Microsoft SharePoint attacks

Person holding smartphone with logo of collaborative platform Microsoft SharePoint on screen in front of website. Focus on phone display.

Attacks exploiting a Microsoft SharePoint zero-day vulnerability have compromised nearly 100 organizations over the weekend, reports Reuters.

The U.S. and Germany were most affected by the intrusions, according to The Shadowserver Foundation, which estimates that at least 9,000 SharePoint servers belonging to government entities, industrial firms, banks, and healthcare organizations have already been infiltrated. Additional details regarding the intrusion and its impact remain uncertain, with the FBI only noting ongoing collaboration with federal and private sector partners. However, Google suspects the illicit activity to have been conducted by a China-linked threat actor. Such a development comes after Microsoft warned of ongoing intrusions against self-hosted SharePoint instances, while emphasizing that there has been no impact on servers hosted by its own servers. "The SharePoint incident appears to have created a broad level of compromise across a range of servers globally. Taking an assumed breach approach is wise, and it's also important to understand that just applying the patch isn't all that is required here," said PwnDefend's Daniel Card.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds