Gruppo ECP Advpress Automationtoday AI DevwWrld CyberDSA Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit Gruppo ECP Advpress Automationtoday AI DevwWrld CyberDSA Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit

Alert for a serious vulnerability in SharePoint

The invisible threat: a security flaw to monitor carefully

A serious vulnerability in Microsoft SharePoint, code CVE-2023-29357, could be exploited for ransomware attacks. It is urgent to install the released updates to prevent possible security breaches.
Gruppo ECP

FROM THE GAP TO THE FINISH LINE
We transform challenges into business successes
DISCOVER HOW

Gruppo ECP

FROM THE GAP TO THE FINISH LINE
We transform challenges
into business successes
DISCOVER HOW

This pill is also available in Italian language

A notable critical issue affects Microsoft SharePoint: a vulnerability has been identified that could be exploited by cybercriminals specializing in ransomware. There are signs that these cyber attackers have acquired an operational exploit, an exploit that would allow them to exploit the bug, which has been known for almost a year and is now listed as a critical flaw by CISA that requires urgent resolution. Despite the fact that the exploit has not yet been used in ransomware attacks, it remains a worrying situation.

SharePoint vulnerability identification and response

The vulnerability in question was assigned the code CVE-2023-29357 and was first exposed by Nguyen Tien Giang of the STAR Labs organization during the March 2023 Pwn2Own event in Vancouver. Giang used this vulnerability in combination with another flaw to carry out remote code execution on the SharePoint server. Microsoft released a fix patch in June 2023, followed by Giang's detailed analysis of the exploit's creation in September of that year.

Risk of an imminent security collapse

Kevin Beaumont, one of the researchers at the forefront of this front, expressed concern that attacks exploiting such vulnerabilities could begin to occur in the coming weeks, as the release of a proof of concept usually leads to an increase in attacks. The difficulty in matching CVE-2023-29357 and CVE-2023-24955 appears to be the only factor that is delaying the attacks. These scenarios demonstrate how much attention the topic of IT security requires and the need for effective and timely application of system updates.

Imperative: Update and secure platforms

There is currently no proof of concept for remote code execution (RCE) related to this publicly accessible vulnerability, underscoring that those working on the exploit independently developed the attack and kept it confidential. This places emphasis on the responsibility of IT professionals to maintain vigilance and update systems promptly. The incident serves as a warning to SharePoint users, underlining that poor management of cybersecurity can have devastating consequences.

Follow us on Threads for more pills like this

01/14/2024 18:08

Marco Verro

Last pills

Cloudflare repels the most powerful DDoS attack ever recordedAdvanced defense and global collaboration to tackle new challenges of DDoS attacks

Silent threats: the zero-click flaw that compromises RDP serversHidden risks in remote work: how to protect RDP servers from invisible attacks

Discovery of vulnerability in Secure Boot threatens device securityFlaw in the Secure Boot system requires urgent updates to prevent invisible intrusions

North korean cyberattacks and laptop farming: threats to smart workingAdapting to new digital threats of remote work to protect vital data and infrastructures

Don’t miss the most important news
Enable notifications to stay always updated