On September 10, Microsoft released another batch of updates addressing 79 vulnerabilities in its products. Among the patches that caught our attention were those for Microsoft SharePoint, an extensive content management system (CMS). Four out of the five SharePoint vulnerabilities covered by the September release allowed remote code execution (RCE) and one of them posed a DoS threat.
BI.ZONE Threat Intelligence researchers decided to analyze CVE‑2024‑38227, a privileged user RCE vulnerability. This research was an opportunity to explore Microsoft SharePoint as such and understand its state‑of‑the‑art operation theory.
Read more…
Source: BI.ZONE Threat Intelligence
Related:
- CISA flags data-theft bug in NSA-built OT networking tool
April 29, 2026
The Cybersecurity and Infrastructure Security Agency (CISA) is warning anyone who uses GrassMarlin, a tool developed by the National Security Agency (NSA), about a new vulnerability that attackers can use to snoop on sensitive information. First reported by Grady DeRosa, senior industrial pentester at Dragos, the weak spot affects all versions of GrassMarlin, a tool developed ...
- Have I Been Pwned claims Pitney Bowes hit by 8.2M email address leak
April 29, 2026
Logistics technology company Pitney Bowes, which makes franking machines for US postage, is the latest scalp claimed by ShinyHunters and its ongoing spree of pay-or-leak attacks against major organizations. Data breach tracker Have I Been Pwned (HIBP) confirmed the breach on April 27, with 8.2 million unique email addresses included in the dump alongside names, phone ...
- Medtronic says ShinyHunters hackers stole around 9 million medical records in latest attack
April 28, 2026
Medtronic, one of the biggest medical device manufacturers in the world, has confirmed suffering a cyberattack in which crooks “accessed data in certain Medtronic corporate IT systems.” In a security notification published on its website, Medtronic said the attack does not affect its customers or products, and also stressed it will continue operating as usual, without ...
- Don’t pay Vect a ransom – your data’s likely already wiped out
April 28, 2026
Organizations hit by the wave of Trivy and Lite LLM supply-chain compromises that paid Vect in hopes of recovering their data likely did not get much back, according to Check Point Research. That’s because the ransomware Vect uses isn’t actually ransomware at all, but a wiper that destroys any file larger than 128KB. Vect’s leak site ...
- Chinese engineer stole US military and NASA software for years
April 28, 2026
International espionage isn’t always about sophisticated malware and zero-day bugs. Sometimes it’s as simple as pretending to be someone else asking for a favor. For four years, a Chinese aerospace engineer did just that. Dozens of researchers at NASA, the US military, and major universities handed him exactly what he asked for, and possibly violated US ...
- ADT confirms cyber intrusion after ShinyHunters extortion attempt
April 27, 2026
A home security biz getting digitally burgled is not a great look – but that’s exactly where ADT finds itself. The company has confirmed a cyber intrusion following an extortion attempt by the ShinyHunters crew, which claims to have made off with more than 10 million records. US-based ADT is one of the world’s largest providers ...