Hackers have begun exploiting a zero-day vulnerability in Microsoft SharePoint servers, primarily aiming at government organizations. U.S. cybersecurity agency CISA issued a warning about the exploitation of this unknown bug. Principal researcher Silas Cutler indicated that the initial exploitation targeted a limited range of entities. However, as additional attackers become aware of this vulnerability, the risk of further breaches increases. Currently, there are 9,000 to 10,000 vulnerable SharePoint instances accessible online, with the potential for more hackers to exploit the recently discovered flaw.
"It looks like initial exploitation was against a narrow set of targets, likely government related," Cutler told TechCrunch.
"This is a fairly rapidly evolving case. Initial exploitation of this vulnerability was likely fairly limited in terms of targeting, but as more attackers learn to replicate exploitation, we will likely see breaches as a result of this incident," said Cutler.
Cutler added that he and his colleagues are seeing between 9,000 and 10,000 vulnerable SharePoint instances accessible from the internet, but that could change.
Now that the vulnerability is out there, and still not fully patched by Microsoft, it's possible other hackers that are not necessarily working for a government will join in and start abusing it, Cutler said.
Collection
[
|
...
]