Microsoft: the sharepoint flaw operated by Chinese hackers, many government agencies attacked

Microsoft finally spoke about the recent attacks launched at the end of last week exploiting the security flaw of his SharePoint web software suite. In a post posted on his official blog Yesterday, the Redmond firm accuses groups of hackers “affiliated with the Chinese government” of being behind this wave of attacks.

The Linen Typhon and Violet Typhon groups would be involved in the series of cyber attacks exploiting a flaw of SharePoint servers. A third Chinese collective, Storm-2603, would also have participated in this offensive having touched Several government agencies Around the world, notably the National Nuclear Security Administration, a branch of the Energy Department of the United States, but also other countries such as Germany, Spain or Brazil.

Microsoft COLMATE The breach

In total, a hundred organizations and more than 8,000 servers were affected, according to the figures reported by the Reuters news agency. The cloud version of the software, SharePoint Onlineis not a priori concerned by this vulnerability.

A corrective was deployed by Microsoft last Monday for some of the local versions of SharePoint compromises, namely SharePoint Server Subscription Edition and SharePoint Server 2019 and 2016. This “Zero-Day” attack, because operating a flaw never spotted by Microsoft, was initiated on Monday, July 21. In addition to private data, hackers have managed to recover encryption keys providing them with future access to compromise servers.

Want to save even more? Discover Our promo codes Selected for you.