News

What to know about ToolShell, the SharePoint threat under mass exploitation
The name was coined by Dinh Ho Anh, a researcher from Khoa of Viettel Cyber Security, who developed the exploit. The ...
Crowdfund Insider5h
Cybersecurity Firm Kaspersky Uncovers Sophisticated Attacks Exploiting Legitimate Platforms and SharePoint Vulnerabilities
Recent discoveries by Kaspersky’s Global Research and Analysis Team (GReAT) highlight the evolving nature of cyber threats.
Patch SharePoint Now: Microsoft Servers at Risk of New ToolShell RCE Attack
If exploited, attackers can gain full access to SharePoint content and potentially pivot to Outlook, Teams, and OneDrive.
Microsoft SharePoint bug puts critical government agencies at risk
Microsoft released patches for a SharePoint zero-day bug after hackers compromised over 400 servers worldwide using weaponized exploit chain.
CPO Magazine4d
U.S. Nuclear Agency Breached via ToolShell SharePoint Vulnerability Chain
A U.S. nuclear agency was among the victims of the SharePoint vulnerability chain, which was exploited to compromise over 54 ...
SecurityWeek12d
ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets
More details emerged on the ToolShell zero-day attacks targeting SharePoint servers, but confusion remains over the ...
CRN13d
Five Things To Know On Microsoft SharePoint Server ‘ToolShell’ Attacks
An ongoing cyberattack campaign known as “ToolShell” is exploiting on-premises Microsoft SharePoint Servers and has ...
GovInfoSecurity2d
ISMG Editors: ToolShell Exploit Blurs Crime and Espionage
In this week's update, four ISMG editors discussed the latest on the ToolShell exploit and the rise of Warlock ransomware, ...
Again? Microsoft hit for poor security in major SharePoint hack
The company has been called out repeatedly for inadequate security practices, and now we have another case in point: a ...
SecurityWeek10d
ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named
More information has emerged on the ToolShell SharePoint zero-day attacks, including impact, victims, and threat actors.
ZAWYA6d
Kaspersky reveals SharePoint ToolShell vulnerabilities stem from incomplete 2020 fix
Kaspersky GReAT researchers analyzed the published ToolShell exploit and found it alarmingly similar to the 2020 ...
"We’re witnessing an urgent and active threat" — Microsoft SharePoint "ToolShell" vulnerability is being attacked globally
The term "zero-day" attack refers to when a previously unknown vulnerability is targeted. Tens of thousands of servers are ...