JAKARTA A vulnerable version of Microsoft’s server software-centric cyber-espionage campaign now involves the spread of ransomware. This was stated in Microsoft’s statement in a blog post on Wednesday night, July 23. In the post, citing “extended threat analysis and intelligence,” Microsoft said a group they called “Storm-2603” used this vulnerability to spread ransomware. Ransomware usually...Read More
Microsoft MSFT is in a tight spot after hackers slipped into its SharePoint servers and hit about 400 agencies and firms worldwide. Eye Security first raised the alarm last week when it found victims in the US, Mauritius, Jordan, South Africa and the Netherlands. In a Wednesday blog Microsoft said its expanded analysis shows a...Read More
Law enforcement has seized the dark web leak sites of the BlackSuit ransomware operation, which has targeted and breached the networks of hundreds of organizations worldwide over the past several years. The U.S. Department of Justice confirmed the takedown in an email earlier today, saying the authorities involved in the action executed a court-authorized seizure...Read More
The FBI, Cybersecurity and Infrastructure Security Agency, Department of Health and Human Services, and Multi-State Information Sharing and Analysis Center July 22 released a joint advisory detailing malicious activity from Interlock ransomware. Activity was first discovered in September 2024 and as recently as June, targeting various organizations and critical infrastructure. The agencies said they are...Read More
The severe vulnerability in Microsoft’s SharePoint software is not only paving the way for data theft, but also ransomware attacks. On Wednesday night, Microsoft issued an alert about a hacking group deploying the new “Warlock” ransomware after exploiting the flaw in SharePoint servers. Its investigation found that a China-based hacking group, called Storm-2603, began deploying the...Read More
The severe vulnerability in Microsoft’s SharePoint software is not only paving the way for data theft, but also ransomware attacks. On Wednesday night, Microsoft issued an alert about a hacking group deploying the new “Warlock” ransomware after exploiting the flaw in SharePoint servers. Its investigation found that a China-based hacking group, called Storm-2603, began deploying the...Read More
The severe vulnerability in Microsoft’s SharePoint software is not only paving the way for data theft, but also ransomware attacks. On Wednesday night, Microsoft issued an alert about a hacking group deploying the new “Warlock” ransomware after exploiting the flaw in SharePoint servers. Its investigation found that a China-based hacking group, called Storm-2603, began deploying the...Read More
Multiple organisations have now been hit by Warlock ransomware deployed on their systems via the dangerous ToolShell vulnerability chain in Microsoft SharePoint Server, Microsoft has revealed. Earlier this week, Microsoft said that known Chinese state threat actors, Linen Typhoon and Violet Typhoon, were among those exploiting two security bypass vulnerabilities – CVE-2025-53770, which bypasses...Read More
Microsoft said that a hacking group it’s tracking as Storm-2603 is exploiting critical vulnerabilities in the company’s SharePoint platform to deploy ransomware. SharePoint is “a secure, enterprise-grade content management and collaboration platform,” according to Microsoft’s website, which also describes it as a way to “securely collaborate, sync, and share content.” (Essentially: organizations use it to...Read More
The Google Threat Intelligence Group has uncovered a highly advanced cyber operation orchestrated by the threat actor UNC3944, also linked to aliases such as “0ktapus,” “Octo Tempest,” and “Scattered Spider”. This financially motivated group has intensified its focus on sectors including retail, airlines, and insurance, employing a meticulous playbook that leverages social engineering to infiltrate...Read More
