Microsoft SharePoint Hack Exposes US Nuclear Weapons Agency
PorAinvest
martes, 22 de julio de 2025, 8:17 pm ET1 min de lectura
CVE--
The breach occurred as part of a larger campaign exploiting a zero-day vulnerability in Microsoft SharePoint. The attack began on July 18, 2025, and affected the Department of Energy, which has since been minimally impacted due to its robust cybersecurity systems. The NNSA's role in counterterrorism, nuclear weapons transportation, and providing nuclear reactors for submarines was not compromised [1].
The hackers leveraged a previously known vulnerability in SharePoint to gain initial access. Microsoft has identified two Chinese state-sponsored hacking groups, Linen Typhoon and Violet Typhoon, as well as a third group, Storm-2603, exploiting these vulnerabilities. The attacks have been widespread, affecting governments, businesses, and other organizations around the world [1].
Rapid7 has reported that the vulnerability, CVE-2025-53770, is a critical Remote Code Execution (RCE) vulnerability affecting on-premise SharePoint servers. This vulnerability has been actively exploited in the wild and has a CVSS base score of 9.8, indicating a high level of risk. Microsoft has released patches for affected SharePoint editions, and organizations are advised to upgrade to fixed versions on an emergency basis [2].
The NNSA's breach highlights the ongoing threat of cyberattacks on critical infrastructure. While no sensitive information was compromised in this incident, the attack serves as a reminder of the importance of robust cybersecurity measures and the need for organizations to stay vigilant against evolving threats. The full extent of the damage from this breach is still being assessed.
References:
[1] https://www.bloomberg.com/news/articles/2025-07-23/us-nuclear-weapons-agency-breached-in-microsoft-sharepoint-hack
[2] https://www.rapid7.com/blog/post/etr-zero-day-exploitation-of-microsoft-sharepoint-servers-cve-2025-53770/
MSFT--
RPD--
The US National Nuclear Security Administration, responsible for maintaining and designing the nation's nuclear weapons cache, was breached in a hack of Microsoft's SharePoint document management software. No sensitive or classified information was compromised, but other parts of the Energy Department were also affected. Hackers exploited a zero-day vulnerability in SharePoint to breach the agency, which was also affected in a 2020 SolarWinds Corp. attack. Microsoft blames Chinese state-sponsored hackers for the attacks, which have breached governments, businesses, and organizations worldwide.
The US National Nuclear Security Administration (NNSA), responsible for maintaining and designing the nation's nuclear weapons cache, was recently breached in a hack of Microsoft's SharePoint document management software. According to a person with knowledge of the matter, no sensitive or classified information was compromised in the attack on the NNSA, which is a semiautonomous arm of the Energy Department. Other parts of the department were also affected [1].The breach occurred as part of a larger campaign exploiting a zero-day vulnerability in Microsoft SharePoint. The attack began on July 18, 2025, and affected the Department of Energy, which has since been minimally impacted due to its robust cybersecurity systems. The NNSA's role in counterterrorism, nuclear weapons transportation, and providing nuclear reactors for submarines was not compromised [1].
The hackers leveraged a previously known vulnerability in SharePoint to gain initial access. Microsoft has identified two Chinese state-sponsored hacking groups, Linen Typhoon and Violet Typhoon, as well as a third group, Storm-2603, exploiting these vulnerabilities. The attacks have been widespread, affecting governments, businesses, and other organizations around the world [1].
Rapid7 has reported that the vulnerability, CVE-2025-53770, is a critical Remote Code Execution (RCE) vulnerability affecting on-premise SharePoint servers. This vulnerability has been actively exploited in the wild and has a CVSS base score of 9.8, indicating a high level of risk. Microsoft has released patches for affected SharePoint editions, and organizations are advised to upgrade to fixed versions on an emergency basis [2].
The NNSA's breach highlights the ongoing threat of cyberattacks on critical infrastructure. While no sensitive information was compromised in this incident, the attack serves as a reminder of the importance of robust cybersecurity measures and the need for organizations to stay vigilant against evolving threats. The full extent of the damage from this breach is still being assessed.
References:
[1] https://www.bloomberg.com/news/articles/2025-07-23/us-nuclear-weapons-agency-breached-in-microsoft-sharepoint-hack
[2] https://www.rapid7.com/blog/post/etr-zero-day-exploitation-of-microsoft-sharepoint-servers-cve-2025-53770/
Divulgación editorial y transparencia de la IA: Ainvest News utiliza tecnología avanzada de Modelos de Lenguaje Largo (LLM) para sintetizar y analizar datos de mercado en tiempo real. Para garantizar los más altos estándares de integridad, cada artículo se somete a un riguroso proceso de verificación con participación humana.
Mientras la IA asiste en el procesamiento de datos y la redacción inicial, un miembro editorial profesional de Ainvest revisa, verifica y aprueba de forma independiente todo el contenido para garantizar su precisión y cumplimiento con los estándares editoriales de Ainvest Fintech Inc. Esta supervisión humana está diseñada para mitigar las alucinaciones de la IA y garantizar el contexto financiero.
Advertencia sobre inversiones: Este contenido se proporciona únicamente con fines informativos y no constituye asesoramiento profesional de inversión, legal o financiero. Los mercados conllevan riesgos inherentes. Se recomienda a los usuarios que realicen una investigación independiente o consulten a un asesor financiero certificado antes de tomar cualquier decisión. Ainvest Fintech Inc. se exime de toda responsabilidad por las acciones tomadas con base en esta información. ¿Encontró un error? Reportar un problema
Comentarios
Aún no hay comentarios