Overview

• According to cybersecurity firm Eye Security, 396 on-premises SharePoint servers in 145 organizations have been compromised worldwide.
• Microsoft released an emergency patch on July 22, but many organizations have yet to install it or were infected before its deployment.
• Microsoft attributes the initial wave of intrusions to Chinese-affiliated groups Linen Typhoon, Violet Typhoon and Storm-2603.
• Criminal gangs are leveraging persistent backdoors to prepare ransomware attacks that encrypt victims’ data for extortion.
• European small and mid-sized enterprises running on-premises deployments without continuous security monitoring face heightened risk.