Security News

Microsoft SharePoint RCE flaw exploits in the wild – you've had 3 months to patch
2024-10-23 19:30

Plus, a POC to make it extra easy for attackers A Microsoft SharePoint bug that can allow an attacker to remotely inject code into vulnerable versions is under active exploitation, according to...

CISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094)
2024-10-23 12:54

A high-severity flaw impacting Microsoft SharePoint has been added to the Known Exploited Vulnerabilities (KEV) catalog by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) on...

New covert SharePoint data exfiltration techniques revealed
2024-04-10 15:01

Varonis Threat Labs researchers have uncovered two techniques attackers can use can use for covert data and file exfiltration from companies' SharePoint server. "These techniques can bypass the detection and enforcement policies of traditional tools, such as cloud access security brokers, data loss prevention, and SIEMs, by hiding downloads as less suspicious access and sync events," they noted.

New SharePoint flaws help hackers evade detection when stealing files
2024-04-09 13:00

Researchers have discovered two techniques that could enable attackers to bypass audit logs or generate less severe entries when downloading files from SharePoint. Microsoft SharePoint is a web-based collaborative platform that integrates with Microsoft Office and 365, primarily as a document management and data storage system.

Patch actively exploited Microsoft SharePoint bug, CISA orders federal agencies (CVE-2023-24955)
2024-03-28 10:20

The Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2023-24955 – a code injection vulnerability that allows authenticated attackers to execute code remotely on a vulnerable...

CISA tags Microsoft SharePoint RCE bug as actively exploited
2024-03-27 16:24

CISA warns that attackers are now exploiting a Microsoft SharePoint code injection vulnerability that can be chained with a critical privilege escalation flaw for pre-auth remote code execution attacks. These two SharePoint Server security vulnerabilities can be chained by unauthenticated attackers to gain RCE on unpatched servers, as STAR Labs researcher Nguyễn Tiến Giang demonstrated during last year's March 2023 Pwn2Own contest in Vancouver.

CISA Warns: Hackers Actively Attacking Microsoft SharePoint Vulnerability
2024-03-27 13:15

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a security flaw impacting the Microsoft Sharepoint Server to its Known Exploited Vulnerabilities (KEV) catalog based on...

Exploit for under-siege SharePoint vuln reportedly in hands of ransomware crew
2024-01-12 19:34

Security experts claim ransomware criminals have got their hands on a functional exploit for a nearly year-old critical Microsoft SharePoint vulnerability that was this week added to the US's must-patch list. Without specifically identifying the gang, researcher Kevin Beaumont said that at least one ransomware group has a working exploit for the critical vulnerability, which can potentially achieve remote code execution although the US Cybersecurity and Infrastructure Security Agency said its use in ransomware campaigns is currently "Unknown."

CISA: Critical Microsoft SharePoint bug now actively exploited
2024-01-12 19:24

CISA warns that attackers are now exploiting a critical Microsoft SharePoint privilege escalation vulnerability that can be chained with another critical bug for remote code execution. This Microsoft SharePoint Server exploit chain was successfully demoed by STAR Labs researcher Jang during last year's March 2023 Pwn2Own contest in Vancouver, earning a $100,000 reward.

Act Now: CISA Flags Active Exploitation of Microsoft SharePoint Vulnerability
2024-01-12 06:35

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security vulnerability impacting Microsoft SharePoint Server to its Known Exploited Vulnerabilities (KEV)...