Hackers are exploiting a remote code execution vulnerability in Microsoft SharePoint to conduct reconnaissance on the networks of target organizations, a Saudi government cybersecurity agency said Thursday. In activity that private-sector researchers are also tracking, the unnamed hackers are gathering information on Microsoft Exchange and SQL servers in a sign “the attack is still in its first stages,” Saudi Arabia’s National Cybersecurity Authority (NCA) said in an advisory. The alert did not offer further information on the victims. The attacks are an example of how a file-sharing service can be abused to gather valuable information on a target. The vulnerability applies to older versions of SharePoint, an application organizations use to share and store documents. With a foothold on a network, the attackers have deployed a web shell script that can be used to manipulate data on a server, according to the NCA. The Saudi agency “observed a spike in scanning activities […]
The post Microsoft SharePoint vulnerability allows hackers to sift through servers, Saudi authorities warn appeared first on CyberScoop.
Continue reading Microsoft SharePoint vulnerability allows hackers to sift through servers, Saudi authorities warn→