#toolshell

[ follow ]
#cybersecurity #sharepoint-server #vulnerabilities #cve-2025-53770 #microsoft-sharepoint
Information security
fromThe Hacker News
4 days ago

Chinese Threat Actors Exploit ToolShell SharePoint Flaw Weeks After Microsoft's July Patch

Chinese-linked threat groups exploited the ToolShell SharePoint vulnerability (CVE-2025-53770) to compromise telecom, government, academic, and corporate targets across multiple regions.
fromThe Hacker News
2 weeks ago

Hackers Turn Velociraptor DFIR Tool Into Weapon in LockBit Ransomware Attacks

The threat actor's use of the security utility was documented by Sophos last month. It's assessed that the attackers weaponized the on-premises SharePoint vulnerabilities known as ToolShell to obtain initial access and deliver an outdated version of Velociraptor (version 0.73.4.0) that's susceptible to a privilege escalation vulnerability ( CVE-2025-6264) to enable arbitrary command execution and endpoint takeover, per Cisco Talos.
Information security
fromTheregister
2 months ago

CISA releases malware analysis for Sharepoint Server attack

CISA analysed six files including two Dynamic Link-Library (.DLL), one cryptographic key stealer, and three web shells. Cyber threat actors could leverage this malware to steal cryptographic keys and execute a Base64-encoded PowerShell command to fingerprint host system and exfiltrate data.
Privacy professionals
Privacy technologies
fromTheregister
3 months ago

Another massive security snafu hits Microsoft

Microsoft is facing significant attacks exploiting a critical zero-day vulnerability in SharePoint Server.
The vulnerability allows attackers to take over servers and exfiltrate sensitive data.
Information security
fromArs Technica
3 months ago

SharePoint vulnerability with 9.8 severity rating under exploit across globe

Updating systems is just the beginning; attackers exploit vulnerabilities to gain unauthorized access and escalate their reach within compromised networks.
[ Load more ]