- Microsoft will no longer send proof of the threat of concepts to Chinese companies
- Alerts are part of the MAPP vulnerability alert system
- Many believe that the Chinese government has been involved in the recent SharePoint attack
Access to the early alert system of Microsoft for cybersecurity vulnerabilities will be reduced for certain companies following an attack campaign that has taken advantage of vulnerabilities in the SharePoint platform of the company to target up to 400 organizations.
Microsoft has limited access to Chinese companies after suspicion that Beijing was involved in attacks, many of which believed that there was a leak in the active protection program of Microsoft (MAPP) – The system uses that Microsoft uses to alert security companies to help them pre -empt pirates and defend themselves proactive against attackers.
These vulnerabilities have now been corrected, but have already been observed in the wild used to deploy ransomware. The defect allowed attackers to extract the cryptographic keys from Microsoft customer servers, which allows them to install programs on the server, including malware or software.
In bad hands
Experts believe that the most likely scenario for the explosion of SharePoint attacks was thanks to a thug member of the MAPP program – and as such, Microsoft will no longer send the “Code of Concept Concept” to Chinese companies.
This refers to the demonstration of a concept that helps security teams prepare for an attack by adapting their systems.
Techradar Pro Contacted Microsoft to ask questions about updating his investigation, but the company so far has not offered a comment.
On the other hand, if the threat stakeholders are alerted from the defender’s plans, they get a step ahead and can change their tactics.
Microsoft has identified the possibility in which attackers use the alert system; “This is why we take measures – both known and confidential – to avoid improper use”
“We are continuously reviewing participants and deleting them or deleting them if we find that they have violated their contract with us, which includes a ban on participating in offensive attacks,” confirmed the company.
Via PK Press Club
