Security News > 2024 > April > New SharePoint flaws help hackers evade detection when stealing files
Researchers have discovered two techniques that could enable attackers to bypass audit logs or generate less severe entries when downloading files from SharePoint.
Microsoft SharePoint is a web-based collaborative platform that integrates with Microsoft Office and 365, primarily as a document management and data storage system.
Due to the sensitivity of SharePoint data, many companies audit sensitive events, like the downloading of data, to trigger alerts in cloud access security tools, data loss prevention tools, and security information and event management platforms.
The second technique involves spoofing the User-Agent string of the file access requests to mimic Microsoft SkyDriveSync, a service used for file synchronization between SharePoint and a user's local computer.
CISA tags Microsoft SharePoint RCE bug as actively exploited.
CISA: Critical Microsoft SharePoint bug now actively exploited.