Particle.news

Microsoft Deploys Final SharePoint Patches After China-Linked Hackers Breach 400 Servers

CISA’s rapid advisories prompted organizations to rotate keys and hunt for persistent intrusions under new guidelines.

Microsoft signage is seen at the company's headquarters in Redmond, Washington, U.S., January 18, 2023. REUTERS/Matt Mills McKnight/File Photo

Overview

  • Researchers at Eye Security reported that more than 400 on-premises SharePoint servers had been compromised as of July 23, spanning government, energy, education and telecommunications across North America and Europe.
  • After an initial patch on July 8 was bypassed, Microsoft issued comprehensive fixes for SharePoint Server 2016, 2019 and Subscription Edition on July 21.
  • Organizations are being urged to rotate digital keys, deploy anti-malware protections and hunt for residual intrusions to ensure complete remediation.
  • Microsoft has linked the campaign to state-backed Chinese actors Linen Typhoon, Violet Typhoon and Storm-2603, warning that they exploited the flaws to steal data and harvest passwords.
  • Although the U.S. National Nuclear Security Administration was breached, officials report that no sensitive or classified information was compromised.