News

What to know about ToolShell, the SharePoint threat under mass exploitation
The name was coined by Dinh Ho Anh, a researcher from Khoa of Viettel Cyber Security, who developed the exploit. The ...
SecurityWeek17h
ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named
More information has emerged on the ToolShell SharePoint zero-day attacks, including impact, victims, and threat actors.
Patch SharePoint Now: Microsoft Servers at Risk of New ToolShell RCE Attack
If exploited, attackers can gain full access to SharePoint content and potentially pivot to Outlook, Teams, and OneDrive.
WeLiveSecurity17h
ToolShell: An all-you-can-eat buffet for threat actors
ESET Research has been monitoring intense attacks involving the recently discovered ToolShell zero-day vulnerabilities.
SecurityWeek2d
ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets
More details emerged on the ToolShell zero-day attacks targeting SharePoint servers, but confusion remains over the ...
Microsoft links Sharepoint ToolShell attacks to Chinese hackers
Hackers with ties to the Chinese government have been linked to a recent wave of widespread attacks targeting a Microsoft ...
Microsoft: SharePoint flaws exploited in Warlock ransomware attacks
A China-based hacking group is deploying Warlock ransomware on Microsoft SharePoint servers vulnerable to widespread attacks ...
CRN12h
Microsoft Says SharePoint Attacks Now Include Ransomware
A China-linked threat actor has been observed exploiting SharePoint servers to deliver ransomware, according to Microsoft ...
Microsoft knew of SharePoint security flaw but failed to effectively patch it, timeline shows
A security patch Microsoft released this month failed to fully fix a critical flaw in the U.S. tech giant's SharePoint server ...
Microsoft knew of SharePoint server exploit but failed to effectively patch it
A security patch released by Microsoft last month failed to fully fix a critical flaw in U.S. tech giant's SharePoint server ...
Infosecurity Magazine2d
SharePoint 'ToolShell' Vulnerabilities Exploited by Chinese Nation-State Hackers
Microsoft has observed three China-based threat actors, Linen Typhoon, Violet Typhoon and Storm-2603, exploiting the ...
Update: New version of Sharepoint 2016 fixes toolshell vulnerability
Microsoft is following up and is also releasing a patch for the 2016 edition of Sharepoint. Admins should install this ...