
A major cyberattack targeting Microsoft’s SharePoint server software has compromised nearly 100 organizations around the world, cybersecurity experts revealed. The attack exploited a previously unknown flaw – known as a “zero-day vulnerability” – allowing hackers to infiltrate vulnerable self-hosted SharePoint servers. Microsoft has since released a security update, but experts are concerned that simply applying the patch may not be enough to prevent further damage.
On Saturday, Microsoft issued a warning about active cyberattacks on self-hosted SharePoint servers, which are commonly used for internal document sharing and team collaboration. According to Microsoft, SharePoint instances hosted on Microsoft servers remain unaffected.
The vulnerability allows hackers to break into servers and potentially install backdoors, giving them continuous access to sensitive systems. Netherlands-based cybersecurity firm Eye Security discovered the breach while investigating a client incident. A joint scan with the Shadowserver Foundation revealed that about 100 organizations had already been compromised – even before the exploit became widely known.
While the names of the affected organizations haven’t been disclosed, most are located in the United States and Germany. Victims reportedly include government agencies, industrial companies, financial institutions, healthcare providers, and even auditing firms. Some UK-based targets were also identified.
Though the exact origin of the attack remains unconfirmed, Google’s security team suspects involvement by a “China-nexus threat actor.” The Chinese Embassy has not responded to the allegations, and Beijing routinely denies cyberespionage activities.
Cybersecurity specialists are urging organizations that use self-hosted SharePoint to assume they’ve been breached. According to Shadowserver, over 9,000 servers worldwide are potentially at risk. Experts like Daniel Card of PwnDefend stress that installing Microsoft’s patch is essential, but deeper investigation and incident response steps are also necessary.
The FBI and the UK’s National Cyber Security Centre have acknowledged the threat and are monitoring the situation closely. Organizations are advised to act quickly, as more hackers could begin exploiting the same vulnerability now that it’s publicly known.
Author Name | Shubham Arora