Unknown baddies are abusing yet another critical Microsoft SharePoint bug to compromise victims’ SharePoint servers, the US government warned.
CVE-2026-20963 is a critical deserialization flaw in SharePoint that allows unauthenticated attackers to remotely execute code on the server without any user interaction, and Redmond fixed the issue as part of its January Patch Tuesday. At the time, the vulnerability was neither publicly known nor exploited, according to Microsoft, which deemed exploitation “less likely.” Fast forward to Wednesday when the US Cybersecurity and Infrastructure Agency added CVE-2026-20963 to its Known Exploited Vulnerabilities (KEV) catalog, gave federal agencies just three days to issue a patch..
Read more…
Source: The Register News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- City of Knoxville shuts down network after ransomware attack
June 11, 2020
The City of Knoxville, Tennessee, was forced to shut down its entire computer network following a ransomware attack that took place overnight and targeted the city’s offices. Knoxville has a population of over 180,000, it’s Tennessee’s third-largest city after Nashville and Memphis, and it’s also part of the Knoxville Metropolitan Statistical Area, with a reported population of almost 870,000 in 2015. Read ...
- Forward-looking security analysis of smart factories [Part 3] – Trojanized libraries for industrial IoT devices
June 11, 2020
IoT devices are being incorporated more and more into smart factories. IoT devices are endpoints that have a unique IP address and that can connect to the Internet; they are expected to be used for various purposes not only in development but also in production environments, in combination with original programs developed in-house as well ...
- FBI warns of increased hacking risk if using mobile banking apps
June 10, 2020
The U.S. Federal Bureau of Investigation (FBI) today warned mobile banking app users that they will be increasingly targeted by hackers trying to steal their credentials and take over their banking accounts. The alert, published on the agency’s Internet Crime Complaint Center (IC3), says that the increased usage of such apps during the pandemic could lead to ...
- Espionage Group Hits U.S. Utilities with Sophisticated Spy Tool
June 9, 2020
The APT known as TA410 has added a modular remote-access trojan (RAT) to its espionage arsenal, deployed against Windows targets in the United States’ utilities sector. According to researchers at Proofpoint, the RAT, called FlowCloud, can access installed applications and control the keyboard, mouse, screen, files, services and processes of an infected computer, with the ability ...
- Hackers for hire targeted hundreds of institutions, says report
June 9, 2020
A hackers-for-hire group dubbed “Dark Basin” has targeted thousands of individuals and hundreds of institutions around the world, including advocacy groups, journalists, elected officials, lawyers, hedge funds, and companies, according to the Internet watchdog Citizen Lab. Researchers discovered almost 28,000 webpages created by hackers for personalized “spear phishing” attacks designed to steal passwords, according to a ...
- Maze Ransomware adds Ragnar Locker to its extortion cartel
June 8, 2020
A second ransomware gang has partnered with Maze Ransomware to use their data leak platform to extort victims whose unencrypted files were stolen. Before encrypting a victim’s network, most network-targeting ransomware operations will steal a victim’s unencrypted files. These files are then used as leverage by threatening to release them publicly on data leak sites if a ransom is ...