A global cybersecurity crisis has been triggered by a newly discovered and unpatched vulnerability in Microsoft SharePoint Server, prompting the Governments of the United States, Canada, and Australia to conduct urgent investigations. In what experts are calling a coordinated and large-scale zero-day attack, which is a breach that takes advantage of a previously unknown security vulnerability, an exploit that enables remote code execution without the user’s input, a critical flaw has been exploited to exploit a critical flaw that enables remote code execution without user interaction.
A widely used enterprise platform called SharePoint, which facilitates the sharing and collaboration of documents and ideas, has been identified as one of the latest attack vectors by threat actors looking to gain access to high-value systems. Thousands of servers are said to be vulnerable to the attack, with organisations across the public and private sectors scrambling to protect their systems since there has been no official security patch available from Microsoft for some time.
After this incident, concerns over Microsoft’s security posture continue to grow, coming after a Chinese spying campaign in 2023 compromised email accounts belonging to U.S. government officials, including those belonging to the highest levels of the executive branch. As a result of the review, both the U.S. government and industry experts heavily criticised the company’s
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: