Microsoft fixes “BadSuccessor” Kerberos vulnerability (CVE-2025-53779) https://www.helpnetsecurity.com/2025/08/13/microsoft-fixes-badsuccessor-kerberos-vulnerability-cve-2025-53779/ #PatchTuesday #SharePoint #TrendMicro #Don'tmiss #Immersive #Microsoft #Hotstuff #MSOffice #Tenable #Akamai #News
August 2025 Patch Tuesday forecast: Try, try, again https://www.helpnetsecurity.com/2025/08/08/august-2025-patch-tuesday-forecast/ #Expertanalysis #PatchTuesday #SharePoint #Don'tmiss #Microsoft #Hotstuff #Mozilla #Google #Ivanti #Apple #News
CISA Warns of ‘ToolShell’ Exploitation Chain Targeting SharePoint Servers; IOCs and Detections Released https://gbhackers.com/cisa-warns-of-toolshell-exploitation-chain/ #CyberSecurityNews #cybersecurity #SharePoint
#Microsoft Used #China-Based Engineers to Support Product Recently Hacked by China
https://www.propublica.org/article/microsoft-sharepoint-hack-china-cybersecurity
Top 9 medication techniques for managing #Microsoft #SharePoint & #Intune
Subscribe now to learn the mystical mind methods that can allow you too to use Microsoft Intune to manage mobile devices without bursting blood vessels
Advanced practitioners may be eligible for our "How To Get Staff To Use SharePoint Without The Threat Of Corporal Punishment" course
We can help sharpen focus and attention, connect to your body plus develop acceptance of difficult emotions... and Microsoft Copilot
@demiguru
Okay. But *I* AM NOT connecting the #Epstein FBI #SharePoint file exposure to that story. I appreciate you pointing out some possible false connections.
I'm looking ahead to how lists that we know DO exist, might end up in hands of groups OTHER than the FBI & DOJ.
Who might have them & how they might use them are all of interest to me.
@spocko
The #conspiracy-like part is connecting the #Epstein FBI #SharePoint file exposure to the recent #Chinese #zeroday #exploit, potentially implying it was either:
exploited intentionally,
the result of deep systemic failure,
or even deliberate mishandling tied to a broader cover-up.
There’s currently no #credible evidence backing that link. Misconfiguration is a more parsimonious explanation for the older #FBI case. #conspiracytheorists #infosec
@demiguru
What part is the conspiracy theory?
It appears some #SharePoint servers were venerable over a specific time period. Including #FBI servers?
https://www.muellershewrote.com/p/the-epstein-cover-up-at-the-fbi
"Additionally, the internal SharePoint site the bureau ended up using to distribute the files toward the end did not have the usual restricted permissions. This left the Epstein and Maxwell files open to viewing by a much larger group of people than previously thought."
Bondi's incompetence is real. How can we use it?
@spocko it’s #conspiracytheory. #Reuters reports #Microsoft is looking whether a leak from MAPP enabled #Chinese to exploit #SharePoint #vulnerabilities b4 fixes were fully in place.notifications went out on 6/24, 7/3, and 7/7; attack signs began on 7/7—the same day the final notification was issued. #TrendMicro called it the “likeliest scenario” that someone in the program weaponized that info. They pulled the trigger on the #exploit they had at hand bc time was running out.
Question for my #Infosec friends
@emptywheel talked about how FBI agents reviewing the #Epstein #Maxwell materials put together a list for #PamBondi & placed it on an internal #SharePoint server.
https://www.muellershewrote.com/p/the-epstein-cover-up-at-the-fbi
@briankrebs wrote about this #ZeroDay exploit 7-21-25 https://krebsonsecurity.com/2025/07/microsoft-fix-targets-attacks-on-sharepoint-zero-day/
Do you think a group has that info?
If so, what's the best way to use existence of that hacked list as POLITICAL leverage against DJT to get the full list out?
@nicolesandler https://www.youtube.com/live/thdaQyDzYFI?si=EjKSqi7B3cRCBIO4&t=4110
Microsoft Used China-Based Engineers to Support Product Recently Hacked by China https://www.propublica.org/article/microsoft-sharepoint-hack-china-cybersecurity #cybersecurity #Sharepoint #Microsoft #USGovernment #China
#Microsoft ist, wenn so ein Artikel geschrieben wird: Hier wird das #Sharepoint-Patch-Chaos eingeordnet, damit man nicht nur Patches einspielt, die das zugrundeliegende Problem offenbar keineswegs beheben, wie sie behauptet haben: https://www.heise.de/news/Microsofts-Sharepoint-Luecken-Die-Zero-Days-die-vielleicht-gar-keine-waren-10505387.html
Day 482. In one of #Microsoft #SharePoint's recent security breaches, attackers were able to bypass API authentication by simply supplying a Referer header that indicates that the user just logged out.
This seems to be this multilayered defense-in-depth security Microsoft is always bragging about.
#Microsoft Used China-Based Engineers to Support Product Recently Hacked by #China
==
Microsoft announced that Chinese state-sponsored hackers had exploited vulnerabilities in its popular #SharePoint software but didn’t mention that it has long used China-based engineers to maintain the product.
#News #Tech #Cybersecurity #Government #Safety #privacy
https://www.propublica.org/article/microsoft-sharepoint-hack-china-cybersecurity
@davidgerard How about the "3 million agents" that have been created on Microsoft's cloud in the past year, according to their FY25 Q4 earnings call? Because in reality, the vast majority of the agents are like this: https://www.youtube.com/watch?v=hpeOjtcA3VY
Gaps in Microsoft SharePoint: Zero days that may not have been zero days at all
The attacks on SharePoint servers exploited known vulnerabilities for which patches were already available. It remains to be seen whether these would've helped.
Microsofts Sharepoint-Lücken: Die Zero-Days, die vielleicht gar keine waren
Die Angriffe auf Sharepoint-Server nutzten keine neuen sondern bekannte Lücken aus, für die es bereits Patches gab. Ob die geschützt hätten, ist jedoch offen.
Whow, #powerautomate Desktop & #sharepoint & Premium (leider).
Da geht was ab..
Mal auf die schnelle von 100 PDFs die Überschrift auslesen und als metadaten speichern...
#Automatisierung #Microsoft #ms365
