 Saturday, May 11, 2019 in Database  1 Comment |  | Canadian and Saudi cybersecurity agencies warn of attacks that have been going on for at least two weeks.
Hacker groups are attacking Microsoft SharePoint servers to exploit a recently patched vulnerability and gain access to corporate and government networks, according to recent security advisories sent out by Canadian and Saudi Arabian cybersecurity agencies.
The security flaw exploited in these attacks is tracked as CVE-2019-0604, which Microsoft patched through security updates released in February, March, and April this year.
\"An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account," Microsoft said at the time.
Attacks started in late April
Demo exploit code for CVE-2019-0604 was published in March by Markus Wulftange, the security researcher who found the vulnerability, but other PoCs also popped up on GitHub and Pastebin.
Attacks started soon after, in late April. The Canadian Centre for Cyber Security first sent an alert last month, and then officials from the Saudi National Cyber Security Center (NCSC) sent a second security alert this week.
www.zdnet.com | |
|
