The Threat CodexMar 17
Ransomware Under Pressure: Tactics, Techniques, and Procedures in a Shifting Threat Landscape
#CVE_2024_21762 #CVE_2021_27877 #CVE_2021_27878 #CVE_2021_40539 #CVE_2024_55591 #CVE_2019_6693 #CVE_2024_40766 #CVE_2023_4966 #CVE_2025_53771 #CVE_2025_53770 #CVE_2025_31324 #CVE_2024_3400 #CVE_2025_31161 #QilinGroup #QilinRansomware #Akira #REDBIKE #Cl0p #PLAY #SafePay #INCRansomware #RansomHub #DragonForce #UNC6016 #UNC2465
https://cloud.google.com/blog/topics/threat-intelligence/ransomware-ttps-shifting-threat-landscape/
Ransomware Tactics, Techniques, and Procedures in a Shifting Threat Landscape | Google Cloud Blog

An overview of the ransomware landscape and common TTPs directly observed in 2025 ransomware incidents.

Google Cloud Blog
The Threat CodexJul 22, 2025
Disrupting active exploitation of on-premises SharePoint vulnerabilities
#LinenTyphoon #VioletTyphoon #Storm_2603 #CVE_2025_53770 #CVE_2025_49704 #CVE_2025_53771 #CVE_2025_49706
https://www.microsoft.com/en-us/security/blog/2025/07/22/disrupting-active-exploitation-of-on-premises-sharepoint-vulnerabilities/
Disrupting active exploitation of on-premises SharePoint vulnerabilities | Microsoft Security Blog

Microsoft has observed two named Chinese nation-state actors, Linen Typhoon and Violet Typhoon, exploiting vulnerabilities targeting internet-facing SharePoint servers. In addition, we have observed another China-based threat actor, tracked as Storm-2603, exploiting these vulnerabilities. Microsoft has released new comprehensive security updates for all supported versions of SharePoint Server (Subscription Edition, 2019, and 2016) that protect customers against these new vulnerabilities. Customers should apply these updates immediately to ensure they are protected.

Microsoft Security Blog
CyberVeille.chJul 22, 2025
📢 Microsoft publie des correctifs d'urgence pour des vulnérabilités critiques dans SharePoint
📝 L'artic...
📖 cyberveille : https://cyberveille.ch/posts/2025-07-22-microsoft-publie-des-correctifs-d-urgence-pour-des-vulnerabilites-critiques-dans-sharepoint/
🌐 source : https://blog.qualys.com/vulnerabilities-threat-research/2025/07/21/toolshell-zero-day-microsoft-rushes-emergency-patch-for-actively-exploited-sharepoint-vulnerabilities
#CVE_2025_53770 #CVE_2025_53771 #Cyberveille
CyberVeille.chJul 22, 2025
📢 Exploitation active de vulnérabilités critiques sur SharePoint Server
📝 Cisco Talos a rapporté l'**exploitation active** de deux vulnérabilités critiques de **traversée de répertoires** (CVE-2025-53770 et CVE-2025-537...
📖 cyberveille : https://cyberveille.ch/posts/2025-07-22-exploitation-active-de-vulnerabilites-critiques-sur-sharepoint-server/
🌐 source : https://blog.talosintelligence.com/toolshell-affecting-sharepoint-servers/
#CVE_2025_53770 #CVE_2025_53771 #Cyberveille
RedPacket SecurityJul 21, 2025

CVE Alert: CVE-2025-53771 - https://www.redpacketsecurity.com/cve_alert_cve-2025-53771/

#OSINT #ThreatIntel #CyberSecurity #cve_2025_53771

CVE Alert: CVE-2025-53771 - RedPacket Security

Improper limitation of a pathname to a restricted directory ('path traversal') in Microsoft Office SharePoint allows an authorized attacker to perform

RedPacket Security
The Threat CodexJul 21, 2025
ToolShell: Critical SharePoint Zero-Day Exploited in the Wild
#CVE_2025_53770 #CVE_2025_53771 #CVE_2025_49706
https://www.security.com/threat-intelligence/toolshell-zero-day-sharepoint-cve-2025-53770
ToolShell: Critical SharePoint Zero-Day Exploited in the Wild

Symantec products already block CVE-2025-53770 exploit attempts.