VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware

November 6, 2024 at 01:57PM The VEILDrive threat campaign leverages Microsoft services like Teams and SharePoint to distribute malware through spear-phishing. Discovered by Hunters in September 2024, the attack targeted U.S. critical infrastructure, using compromised accounts and Quick Assist for remote access. This strategy complicates detection of the malware, which connects to adversary-controlled OneDrive. …

Microsoft SharePoint RCE flaw exploits in the wild – you’ve had 3 months to patch

October 23, 2024 at 03:35PM A deserialization vulnerability in Microsoft SharePoint, CVE-2024-38094, is actively exploited, allowing attackers to inject code remotely. CISA added it to its catalog, urging timely remediation for all organizations. Microsoft previously patched the issue, emphasizing the need for swift action, especially for federal agencies by November 12. …

CISA tags Microsoft SharePoint RCE bug as actively exploited

March 27, 2024 at 12:30PM CISA warns of attackers exploiting a Microsoft SharePoint vulnerability, enabling remote code execution and admin privilege takeover. Nguyễn Tiến Giang earned $100,000 for demonstrating its exploitation. Multiple proof-of-concept exploits have emerged, prompting CISA to order patching by January 31. This poses a significant risk, emphasizing the need for quick patching …

CISA: Second SharePoint Flaw Disclosed at Pwn2Own Exploited in Attacks

March 27, 2024 at 06:42AM CISA added the CVE-2023-24955 SharePoint flaw, part of an exploit chain for unauthenticated remote code execution, to its Known Exploited Vulnerabilities list, after it was demonstrated at Pwn2Own. Microsoft patched this flaw in May 2023. CISA’s catalog now holds four exploited SharePoint vulnerabilities, with CVE-2023-24955 requiring attention by government organizations …

Act Now: CISA Flags Active Exploitation of Microsoft SharePoint Vulnerability

January 12, 2024 at 02:03AM The U.S. CISA added a critical security vulnerability in Microsoft SharePoint Server to its catalog, noting evidence of active exploitation and the availability of patches from Microsoft. Security researcher Nguyễn Tiến Giang demonstrated an exploit at a hacking contest, with federal agencies advised to apply the patches by January 31, …

CISA Urges Patching of Exploited SharePoint Server Vulnerability

January 11, 2024 at 09:21AM CISA warns of actively exploited Microsoft SharePoint Server vulnerability (CVE-2023-29357) allowing unauthenticated attackers to gain admin privileges. Exploit involves sending a spoofed JWT authentication token; no user interaction needed. CISA adds CVE-2023-29357 to Known Exploited Vulnerabilities list, advising federal agencies to patch within 21 days as per BOD 22-01. All …

New Microsoft bug bounty program focuses on AI-powered Bing

October 12, 2023 at 01:36PM Microsoft has introduced a new AI bounty program for the AI-driven Bing experience, offering rewards up to $15,000. The program covers vulnerabilities found in AI-powered Bing experiences across various services and products, including bing.com, Microsoft Edge, Microsoft Start Application, and Skype Mobile Application. Qualified submissions are eligible for bounty rewards …

From chaos to cadence: Celebrating two decades of Microsoft’s Patch Tuesday

October 11, 2023 at 09:09AM Microsoft introduced Patch Tuesday in October 2003, a monthly release of software fixes on the second Tuesday of each month. The change brought predictability and stability for IT administrators, who previously faced chaotic patching processes. The number of patches has increased significantly over the years, and other vendors have joined …