A fierce onslaught of cyberattacks struck Microsoft’s critical servers, compromising more than 400 organizations, Eye Security reports.
Over the weekend the count of affected entities remained under one hundred, but the attacks have since escalated. Adversaries are exploiting a vulnerability in SharePoint to distribute a sophisticated ransomware strain. Microsoft attributes the operation to a group known as Storm‑2603, which encrypts corporate data and demands substantial payments for its restoration.
The list of victims includes large corporations as well as government agencies. Once the intrusion was detected, a number of servers were immediately quarantined to prevent further spread of the malware.
Vaishi Bernard of Eye Security warns that the true scale of the incident may be far greater, since many traces of compromise are difficult to detect. Experts caution that without prompt patching and stronger defenses, more companies and users remain at risk.
Microsoft notes these attacks differ from prior incidents — the deployed malware not only exfiltrates information but can also fully cripple network operations.
Source: iXBT.games