On September 10, Microsoft released another batch of updates addressing 79 vulnerabilities in its products. Among the patches that caught our attention were those for Microsoft SharePoint, an extensive content management system (CMS). Four out of the five SharePoint vulnerabilities covered by the September release allowed remote code execution (RCE) and one of them posed a DoS threat.
BI.ZONE Threat Intelligence researchers decided to analyze CVE‑2024‑38227, a privileged user RCE vulnerability. This research was an opportunity to explore Microsoft SharePoint as such and understand its state‑of‑the‑art operation theory.
Read more…
Source: BI.ZONE Threat Intelligence
Related:
- NSA Advocates Data Sharing Framework
June 23, 2017
The economics of cybersecurity are skewed in favor of attackers, who invest once and can launch thousands of attacks with a piece of malware or exploit kit. That’s why Neal Ziring, technical director for the NSA’s Capabilities Directorate, wants to flip the financial equation on bad guys. “We need to conduct defenses in a way that ...

