Therefore,
What we know about hacking:
Safety flaws have been used for more than a week by hackers to target SharePoint servers. Similarly, a Microsoft service used worldwide to share files within a company or an organization. Furthermore, While the American company has published several fixes, the vagueness persists around the real number of victims.
The alert was given on Saturday July 19 by Microsoft. Moreover, The group revealed the existence of a security flaw allowing anyone to execute malicious code on a SharePoint server. Consequently, a critical vulnerability opening the door to data or spy campaigns. Meanwhile, Above all, this flaw has already been exploited by attackers, warns Microsoft.
Correctives are now available for this security flaw, as well as others identified thereafter. But experts now seek to determine who are the pirates who have managed to exploit it. still seeking what we know about hacking vulnerable servers today. To date, the security teams have identified at least three actors attacking SharePoint bodies, all suspected of operating China.
Two state groups – What we know about hacking
Among them. two are considered state groups: Violet Typhoon, better known as Apt 31 and suspected of numerous online spy campaigns on behalf of the Chinese authorities for ten years. The other group probably close to the Chinese government is Apt 27, here designated under the name of Linen Typhoon. Recently targeted by an act of American indictment. he is accused of having orchestrated spy campaigns consisting in stealing data and then reselling them later. The third group. whose contours are still blurred, is suspected for its part of relying on SharePoint’s vulnerabilities to deploy ransomics, malicious tools designed to paralyze computers and networks.
The largest shadow area concerns, at this stage, the identity of the victims of these hacks. what we know about hacking Contacted by the Bloomberg news agency. the American energy department has confirmed that a “Small number of systems” had been touched. For the time being. the only global assessment emanates from a company specialized in computer security, Eye Security, which published its analysis of this campaign from July 19: it reports 400 servers compromised during three successful waves of cyber attacks.
Further reading: The FRC denounces illegal working conditions for organic tomato suppliers – RTS.CH – Inflation continues to hurt the wallet – Elections in Japan: the future of the pending Prime Minister after a bitter reverse – A week of meals at less than $ 2.37 per portion – Oberglatt: the suspect of a murder arrested at Zurich station.
