AI DevwWrld Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Middle East Low Code No Code Summit TimeAI Summit

Alert for a serious vulnerability in SharePoint

The invisible threat: a security flaw to monitor carefully

A serious vulnerability in Microsoft SharePoint, code CVE-2023-29357, could be exploited for ransomware attacks. It is urgent to install the released updates to prevent possible security breaches.

Contribute to spreading the culture of prevention!
Support our cause with a small donation by helping us raise awareness among users and companies about cyber threats and defense solutions.

This pill is also available in Italian language

A notable critical issue affects Microsoft SharePoint: a vulnerability has been identified that could be exploited by cybercriminals specializing in ransomware. There are signs that these cyber attackers have acquired an operational exploit, an exploit that would allow them to exploit the bug, which has been known for almost a year and is now listed as a critical flaw by CISA that requires urgent resolution. Despite the fact that the exploit has not yet been used in ransomware attacks, it remains a worrying situation.

SharePoint vulnerability identification and response

The vulnerability in question was assigned the code CVE-2023-29357 and was first exposed by Nguyen Tien Giang of the STAR Labs organization during the March 2023 Pwn2Own event in Vancouver. Giang used this vulnerability in combination with another flaw to carry out remote code execution on the SharePoint server. Microsoft released a fix patch in June 2023, followed by Giang's detailed analysis of the exploit's creation in September of that year.

Risk of an imminent security collapse

Kevin Beaumont, one of the researchers at the forefront of this front, expressed concern that attacks exploiting such vulnerabilities could begin to occur in the coming weeks, as the release of a proof of concept usually leads to an increase in attacks. The difficulty in matching CVE-2023-29357 and CVE-2023-24955 appears to be the only factor that is delaying the attacks. These scenarios demonstrate how much attention the topic of IT security requires and the need for effective and timely application of system updates.

Imperative: Update and secure platforms

There is currently no proof of concept for remote code execution (RCE) related to this publicly accessible vulnerability, underscoring that those working on the exploit independently developed the attack and kept it confidential. This places emphasis on the responsibility of IT professionals to maintain vigilance and update systems promptly. The incident serves as a warning to SharePoint users, underlining that poor management of cybersecurity can have devastating consequences.

Follow us on Threads for more pills like this

01/14/2024 18:08

Editorial AI

Last pills

LockBit's response to FBI actionsLockBit's technological revenge: post-attack updates and awareness

LockBit's tenacious activity despite global investigationsChallenges and countermeasures in the war against the LockBit cyber criminal group

Avast fined for illegitimate sale of web dataFines and restrictions imposed on cybersecurity company for misuse of personal data

KeyTrap: DNSSEC flaw discovered by researchersThe vulnerability puts the stability of DNSSEC at risk