speculations that Beijing was involved in a hacking campaign against the company’s widely used SharePoint servers.
The new restrictions came last month, sweeping hacking attempts against Microsoft SharePoint servers, at least some of which Microsoft and others have blamed on Beijing, reported Reuters. This came with suspicions in several cybersecurity companies that there was a leak in the Microsoft Active Protections Program (MAPP), which Microsoft uses to help security vendors worldwide, including in China, to learn about cyber threats before the general public, so they can better defend against hackers.
Beijing has denied any implications in any SharePoint hacking.
On June 24, July 3, and July 7, Microsoft has also notified members of the MAPP program of the SharePoint vulnerabilities. Due to Microsoft saying that it first observed exploitation attempts on July 7, the timing led some experts to allege that the most expected scenario for the sudden explosion in hacking attempts was due to a rogue member of the MAPP program misusing the information.
More so, in a statement, Microsoft said that several Chinese companies would no longer receive “proof of concept code.” Which has the ability to mimic the operation of genuine malicious software. The proof of concept code can help cybersecurity professionals who are looking into making theri systems more powerful, yet it can also be repurposed by hackers to get a jump start on the defenders.
Subscribe to our newsletter
Microsoft also said that it was aware of the information that he received and the fact that it could have been exploited, “which is why we take steps – both known and confidential – to prevent misuse. We continuously review participants and suspend or remove them if we find they violated their contract with us, which includes a prohibition on participating in offensive attacks."
More so, in a statement, Microsoft said that several Chinese companies would no longer receive “proof of concept code.” Which has the ability to mimic the operation of genuine malicious software. The proof of concept code can help cybersecurity professionals who are looking into making theri systems more powerful, yet it can also be repurposed by hackers to get a jump start on the defenders.
Subscribe to our newsletter
Microsoft also said that it was aware of the information that he received and the fact that it could have been exploited, “which is why we take steps – both known and confidential – to prevent misuse. We continuously review participants and suspend or remove them if we find they violated their contract with us, which includes a prohibition on participating in offensive attacks."
.webp)
.webp)
.webp)
