BGDon 🇨🇦 🇺🇸 👨‍💻Jul 24, 2025

Microsoft fesses up! SharePoint servers hacked. Hundreds of organizations have been breached.

On July 19, Microsoft Security Response Center (MSRC) published a blog outlining active attacks against on-premises instances of SharePoint servers that exploit CVE-2025-49706, a spoofing vulnerability, and CVE-2025-49704, a remote code execution vulnerability.

Microsoft indicated multiple actors including Chinese nation-state hackers Linen Typhoon and Violet Typhoon are working to exploit these vulnerabilities.

The US Department of Energy confirmed that the National Nuclear Security Administration which oversees and maintains US nuclear weapons was breached.
https://www.microsoft.com/en-us/security/blog/2025/07/22/disrupting-active-exploitation-of-on-premises-sharepoint-vulnerabilities/ #Hackers #China #CyberSecurity #Security #SharePoint #Microsoft #MSRC #LinenTyphoon #VioletTyphoon

Kimbo106Jul 24, 2025

Vulnérabilité et tensions sino-américaines

Les vulnérabilités dans Microsoft SharePoint font couler beaucoup d'encre. Mais ce n'est rien comparé à la révélation effectuée par ProPublica. Les services du cloud Azure destinés à l'usage du département de la Défense américaine, le Pentagone, étaient maintenus par des ingénieurs chinois basés en Chine sous la protection du digital escorting.

Des données ultra-sensibles potentiellement sous la surveillance d'une puissance étrangère… D'autant que le dernier bijou technologique de la Chine, Massistant, est capable d’extraire l’intégralité des données d’un smartphone saisi lors d'un contrôle à la frontière. Dans le cadre d’une campagne nationale visant à garantir la « sécurité nationale ».

https://librexpression.fr/quand-le-the-est-froid

#Chine #CVE #databreaches #Europe #France #GAIAX #informatique #leakscandal #Librexpression #LinenTyphoon #Microsoft #ProPublica #SharePoint #Storm2603 #threats #USA #warfare #zeroday

(Crédits : DΛVΞ GΛRCIΛ/Pexels)

Marcel SIneM(S)USJul 23, 2025
Drei chinesische Gruppen als Angreifer auf #Sharepoint-Server identifiziert | heise online https://www.heise.de/news/Drei-chinesische-Gruppen-als-Angreifer-auf-Sharepoint-Server-identifiziert-10496598.html #Microsoft #Patchday #LinenTyphoon #VioletTyphoon #ToolShell
Drei chinesische Gruppen als Angreifer auf Sharepoint-Server identifiziert

Eine Analyse von Microsoft nennt drei verschiedene Gruppen aus China als Angreifer auf die jüngste Sharepoint-Lücke. Dabei dürfte es aber nicht bleiben.

heise online
The Threat CodexJul 22, 2025
Disrupting active exploitation of on-premises SharePoint vulnerabilities
#LinenTyphoon #VioletTyphoon #Storm_2603 #CVE_2025_53770 #CVE_2025_49704 #CVE_2025_53771 #CVE_2025_49706
https://www.microsoft.com/en-us/security/blog/2025/07/22/disrupting-active-exploitation-of-on-premises-sharepoint-vulnerabilities/
Disrupting active exploitation of on-premises SharePoint vulnerabilities | Microsoft Security Blog

Microsoft has observed two named Chinese nation-state actors, Linen Typhoon and Violet Typhoon, exploiting vulnerabilities targeting internet-facing SharePoint servers. In addition, we have observed another China-based threat actor, tracked as Storm-2603, exploiting these vulnerabilities. Microsoft has released new comprehensive security updates for all supported versions of SharePoint Server (Subscription Edition, 2019, and 2016) that protect customers against these new vulnerabilities. Customers should apply these updates immediately to ensure they are protected.

Microsoft Security Blog