Unpatched Pathways: Microsoft's Flaw Sparks Global Cyber Espionage
A recent Microsoft security patch failed to fully fix a critical flaw in SharePoint server software, leaving about 100 organizations vulnerable to cyber espionage. Two Chinese hacking groups, 'Linen Typhoon' and 'Violet Typhoon,' are exploiting the flaw. The breach includes U.S. National Nuclear Security Administration systems.
This month, Microsoft released a security patch aimed at addressing a critical flaw in its SharePoint server software. However, the patch has proven insufficient, leaving the door open for a widespread cyber espionage operation, as confirmed by a Microsoft spokesperson on Tuesday.
Despite the company's efforts to resolve the vulnerability identified during a hacker competition in May, two Chinese hacking groups, known as 'Linen Typhoon' and 'Violet Typhoon,' along with another Chinese-based group, continue to exploit the flaw. The groups have targeted about 100 organizations, including the U.S. National Nuclear Security Administration, though no sensitive information has reportedly been compromised.
Trend Micro, which organized the Berlin competition that uncovered the flaw, emphasized the importance of vendors patching vulnerabilities promptly. British cybersecurity firm Sophos noted an increase in malicious online activity targeting SharePoint servers even after Microsoft released patches in July.
(With inputs from agencies.)
ALSO READ
Venezuela's Stealth Carriers: A New Route to China Amid Oil Sanctions
Ukraine and China Discuss Strengthening Ties Amidst Conflict
Trading Suspension Shakes China Evergrande New Energy Vehicle Group
US-Taiwan Arms Deal Sparks China Outcry
Tensions Escalate: US, Russia, and China in Nuclear Testing Standoff
Google News