Hackers Exploit Microsoft server flaw in global cyberattack targeting US agencies, universities, and businesses - Hallo sahabat Punya Kamu, Pada Artikel yang anda baca kali ini dengan judul Hackers Exploit Microsoft server flaw in global cyberattack targeting US agencies, universities, and businesses, kami telah mempersiapkan artikel ini dengan baik untuk anda baca dan ambil informasi didalamnya. mudah-mudahan isi postingan Artikel computer security, Artikel cyberattacks, Artikel hackers, Artikel news, Artikel security breach, yang kami tulis ini dapat anda pahami. baiklah, selamat membaca.

Judul : Hackers Exploit Microsoft server flaw in global cyberattack targeting US agencies, universities, and businesses
link : Hackers Exploit Microsoft server flaw in global cyberattack targeting US agencies, universities, and businesses

Hackers Exploit Microsoft server flaw in global cyberattack targeting US agencies, universities, and businesses

Hackers have launched a sweeping cyberattack exploiting a previously unknown flaw in Microsoft’s widely used SharePoint server software, compromising systems at US federal and state agencies, universities, energy companies and international institutions, officials and cybersecurity researchers tell Reuters.

The attack, described as a “zero-day” exploit, targeted SharePoint servers hosted within organizations, not cloud-based versions such as Microsoft 365. SharePoint is a collaborative platform used to store, share and manage documents, and is integral to many institutional operations.

According to cybersecurity experts quoted by Reuters, the breach has impacted dozens of organizations worldwide. Victims include at least two US federal agencies, a state legislature on the East Coast, a university in Brazil, a government agency in Spain and several European institutions.

“Anybody who’s got a hosted SharePoint server has got a problem,” said Adam Meyers, senior vice president at cybersecurity firm CrowdStrike in a statement to Reuters. “It’s a significant vulnerability.”

The US Cybersecurity and Infrastructure Security Agency (CISA), along with counterparts in Canada and Australia, are investigating the attack. CISA confirmed it was alerted to the breach on Friday by a private research firm and immediately notified Microsoft.

Initially, Microsoft advised organizations to either modify configurations or disconnect affected SharePoint servers from the internet. On Sunday evening, the company released a patch for one version of the software. However, two additional versions remain vulnerable. Microsoft has not commented further on the incident.

Security analysts warn that even patched systems may remain exposed. Hackers are believed to have obtained cryptographic keys, which could allow them to regain access even after vulnerabilities are fixed.

The FBI issued a statement acknowledging the breach and said it is working closely with federal and private sector partners to assess the threat.

Researchers at Eye Security, a Netherlands-based firm, said more than 50 organizations have been compromised. Palo Alto Networks’ Unit 42 also reported widespread attempts to exploit the flaw prior to any patch being available.

In one instance, attackers hijacked a public-facing repository used by a US state agency to provide government transparency materials. The agency has lost access to the documents, and it remains unclear whether the data was deleted.

The breach follows a series of high-profile cybersecurity failures at Microsoft. A US government review panel previously criticized the company for security lapses that led to a 2023 China-backed breach of federal email accounts, including those of then-Commerce Secretary Gina Raimondo.

Adding to the scrutiny, Microsoft announced Friday that it will stop using engineers based in China to support Pentagon-related cloud computing contracts. The move came after a ProPublica report raised concerns about the practice and prompted Defense Secretary Pete Hegseth to order a full review of the Department of Defense’s cloud security posture.

The nonprofit Center for Internet Security, which provides cybersecurity coordination for state and local governments, said it has notified approximately 100 potentially compromised organizations, including public schools and universities. The group said the warning process took longer than expected due to a 65% cut in its threat intelligence and response team, following reduced CISA funding.

It remains unclear who is behind the attacks or their ultimate goals. Some of the breached servers were located in China, complicating attribution.

The post Hackers Exploit Microsoft server flaw in global cyberattack targeting US agencies, universities, and businesses appeared first on Best for youEnglish - Morocco News.

Demikianlah Artikel Hackers Exploit Microsoft server flaw in global cyberattack targeting US agencies, universities, and businesses

Sekianlah artikel Hackers Exploit Microsoft server flaw in global cyberattack targeting US agencies, universities, and businesses kali ini, mudah-mudahan bisa memberi manfaat untuk anda semua. baiklah, sampai jumpa di postingan artikel lainnya.

Anda sekarang membaca artikel Hackers Exploit Microsoft server flaw in global cyberattack targeting US agencies, universities, and businesses dengan alamat link https://www.punyakamu.com/2025/07/hackers-exploit-microsoft-server-flaw.html

Tweet