Security News

FIN7 Linked to Escalating Active Exploits for Microsoft SharePoint Bug
2019-05-10 21:29

Using a bug patched in March, the attacks are starting to ramp up worldwide.

Office 365 Phishing Campaign Hides Malicious URLs in SharePoint Files
2018-08-15 16:06

Researchers say the "PhishPoint" tactic has already impacted 10 percent of Office 365 users globally.

New Office 365 phishing attack uses malicious links in SharePoint documents
2018-08-15 11:45

Fake emails targeting Office 365 users via malicious links inserted into SharePoint documents are the latest trick phishers employ to bypass the platform’s built-in security, Avanan researchers...

Most SharePoint Installations Vulnerable to XSS Attacks (Security Week)
2017-06-15 10:43

One of the vulnerabilities patched by Microsoft this week with its monthly security updates is a potentially serious cross-site scripting (XSS) flaw believed to affect most SharePoint 2016...

Week in review: WannaCry disaster, SharePoint security, the importance of security culture (Help Net Security)
2017-05-15 02:00

Here’s an overview of some of last week’s most interesting news and articles: Massive ransomware campaign spreading around the world like wildfire Organizations around the world have been hit with...

SharePoint houses sensitive data, but organizations are not keeping it safe (Help Net Security)
2017-05-08 13:25

A new report from The Ponemon Institute is focused on how organizations are keeping sensitive or confidential data safe in collaboration and file sharing environments such as SharePoint, Dropbox,...

SharePoint Hacking With SPartan (Reddit)
2015-12-09 13:39

Persistent XSS flaw in SharePoint 2013 revealed, patched (Help Net Security)
2015-09-16 11:15

Among the vulnerabilities patched earlier this month by Microsoft is an important one that endangers users of Microsoft SharePoint 2013, a web application platform in the Microsoft Office server suite...

Microsoft patches Windows, IE, Office, SharePoint (Help Net Security)
2015-03-11 07:38

This month Microsoft has released 14 new bulletins, 5 of which are rated as Critical, 9 as Important. As a déjà vu from last month, a critical remote code execution vulnerability (MS15-018) af...