Get the latest tech news
Did a Vendor's Leak Help Attackers Exploit Microsoft's SharePoint Servers?
The vulnerability-watching "Zero Day Initiative" was started in 2005 as a division of 3Com, then acquired in 2015 by cybersecurity company Trend Micro, according to Wikipedia. But the Register reports today that the initiative's head of threat awareness is now concerned about the source for that e...
The vulnerability-watching "Zero Day Initiative" was started in 2005 as a division of 3Com, then acquired in 2015 by cybersecurity company Trend Micro, according to Wikipedia.But the Register reports today that the initiative's head of threat awareness is now concerned about the source for that exploit of Microsoft's Sharepoint servers: How did the attackers, who include Chinese government spies, data thieves, and ransomware operators, know how to exploit the SharePoint CVEs in such a way that would bypass the security fixes Microsoft released the following day? These vendors are required to sign a non-disclosure agreement about the soon-to-be-disclosed bugs, and Microsoft gives them early access to the vulnerability information so that they can provide updated protections to customers faster.... Soroush Dalili was able to use Google's Gemini to help reproduce the exploit chain, so it's possible the threat actors did their own due diligence, or did something similar to Dalili, working with one of the frontier large language models like Google Gemini, o3 from OpenAI, or Claude Opus, or some other LLM, to help identify routes of exploitation," Tenable Research Special Operations team senior engineer Satnam Narang told The Register.
Or read this on Slashdot
