Yagi Studio
Microsoft (NASDAQ:MSFT) is trying to determine if a leak from its early alert system for cybersecurity companies created a window for Chinese hackers to attack its SharePoint service, according to Bloomberg.
Earlier this week, Microsoft said it has observed two named Chinese nation-state actors, Linen Typhoon and Violet Typhoon, exploiting vulnerabilities targeting internet-facing SharePoint servers. In addition, it has seen another China-based threat actor, tracked as Storm-2603, exploiting these vulnerabilities.
Microsoft is now investigating if its early alert program, which is designed to give cybersecurity experts a head start in stopping breaches, inadvertently created a point of attack, the report said, citing people familiar with the matter.
The breach also allowed the hackers to break into the U.S. National Nuclear Security Administration. The semiautonomous unit of the Energy Department is responsible for making and dismantling nuclear arms. It also provides the Navy with nuclear reactors for submarines and responds to radiological emergencies. Other parts of the department were also compromised. However, no sensitive or classified information is known to have been compromised in the attack.
More on Microsoft
- Microsoft: Two Years, Zero Earnings Misses
- Microsoft: Azure Keeps Surging, But The Stock’s Valuation Is Stretched
- Microsoft: Agentic AI Ramp Up Is Barely In The First Inning (Earnings Preview)
- Zuckerberg names ChatGPT co-creator head of Meta Superintelligence Labs
- OpenAI competitor Anthropic wants more funding to double valuation – report