mhewitt

joined 2 years ago
 

IOCs:

  • 107.191.58[.]76
  • 104.238.159[.]149
  • 96.9.125[.]147
  • Unusual POSTs to /_layouts/15/ToolPane.aspx?DisplayMode=Edit
  • Unusual POSTs to /_layouts/16/ToolPane.aspx?DisplayMode=Edit
  • spinstall0.aspx in SharePoint Layouts folders

Vulnerabilities:

  • CVE-2025-53770 (new, no patch as of 2025-07-20)
  • CVE-2025-49704 (2025-07-08 patch)
  • CVE-2025-49706 (2025-07-08 patch)

The only mitigations at this time require both SharePoint AMSI integrations to be enabled and Microsoft Defender in Active mode. Other AV is not confirmed.

Also see

mhewitt 1 points 2 years ago (3 children)

How has Scale been on Linux vs BSD? Any complaints or plug-in compatibility issues?

mhewitt 10 points 2 years ago

Don’t reinvent the wheel and write this yourself. Have your application write out a log, ingest the log into a tool, and use the tool for your analytics.

Elastic isn’t a bad choice.