Particle.news

Ransomware Gangs Exploit Unpatched SharePoint Zero-Day, Driving Infection Surge

Hundreds of on-premises servers remain compromised despite Microsoft’s emergency patch, with European SMEs facing growing ransomware threats.

Overview

  • According to cybersecurity firm Eye Security, 396 on-premises SharePoint servers in 145 organizations have been compromised worldwide.
  • Microsoft released an emergency patch on July 22, but many organizations have yet to install it or were infected before its deployment.
  • Microsoft attributes the initial wave of intrusions to Chinese-affiliated groups Linen Typhoon, Violet Typhoon and Storm-2603.
  • Criminal gangs are leveraging persistent backdoors to prepare ransomware attacks that encrypt victims’ data for extortion.
  • European small and mid-sized enterprises running on-premises deployments without continuous security monitoring face heightened risk.