Caution: Hackers Actively Targeting Microsoft SharePoint Servers Via CVE-2019-0604 Exploit

Caution: Hackers Actively Targeting Microsoft SharePoint Servers Via CVE-2019-0604 Exploit

Hackers are actively misusing a recently repaired critical remote code execution vulnerability in SharePoint Server variants to mainline China Chopper web shell that permits hackers to inject an issue many other commands.

Canadian and Saudi Arabian cyber-security raised awareness about the continual attack targeting the archaic systems.

The vulnerability impacts all of the versions from SharePoint Server 2010 to through SharePoint Server 2019, and the vulnerability could be monitored as CVE-2019-0604, it was patched by Microsoft in February, released security updates on March 12, and again on April 25.

"A person who exploits the vulnerability can run arbitrary code in the context of this Share-point application pool and the Share-point server account. The exploitation of this vulnerability requires a specially crafted Share-point application bundle."

In this case, the attackers used China Chopper web shell to get the compromised servers remotely and also to issue commands and to manage files on the victim host.

The web shell enables a person to upload and download any files from the jeopardized server and to edit, delete, copy, rename and even to change the timestamp of existing files.

Based on researches conducted by cybersecurity agencies, the targeted businesses are academic, usefulness, heavy industry, technology, and manufacturing businesses.

Mitigations

The company running share stage servers advocated upgrading the servers to addresses the vulnerability.

Indicators of compromise

SHA256 Hash

05108ac3c3d708977f2d679bfa6d2eaf63b371e66428018a68efce4b6a45b4b4

b560c3b9b672f42a005bdeae79eb91dfb0dec8dc04bea51f38731692bc995688

7d6812947e7eafa8a4cce84b531f8077f7434dbed4ccdaca64225d1b6a0e8604

2e4b7c022329e5c21e47d55e8916f6af852aabbbd1798f9e16985f22a8056646

c63f425d96365d906604b1529611eefe5524432545a7977ebe2ac8c79f90ad7e

SHA1 Hash

f0fb0f7553390f203669e53abc16b15e729e5c6f ee583451c832b07d8f2b4d6b8dd36ccb280ff421

dc8e7b7de41cac9ded920c41b272c885e1aec279

4c3b262b4134366ad0a67b1a2d6378da428d712b

MD5 Hash

0eebeef32a8f676a1717f134f114c8bd

198ee041e8f3eb12a19bc321f86ccb88

708544104809ef2776ddc56e04d27ab1

b814532d73c7e5ffd1a2533adc6cfcf8

Filename

pay[.]aspx

stylecss[.]aspx

IP Address

114.25.219.100

Reference: https://gbhackers.com/hackers-microsoft-sharepoint-servers/amp/

Tags:
CyberSecurity CybersecurityAgencies MicrosoftSharePointTips MicrosoftSharePointServers MicrosoftSharePoint Microsoft
Technology

Related Posts

☕ Sharepoint, Team Collaboration Software Tools

Technology

Why Is Employee Engagement Significant:

Employee engagement is a huge topic in the business world today. Many companies try to measure engagement levels with surveys, polls, etc. Managers scour the web for employee engagement ideas, activities, quotes, inspiration, and more. But does all that stuff work? Maybe to some degree. But more often than not, communication and interaction are all employees need to feel engaged in their work. When employees work together, engagement tends to increase, especially when using online collaboration tools. They can share their thoughts and bounce ideas off each other. They can update each other on their progress, and keep an open line of communication.

☕ Best practices to stay vigilant against ransomware.

Technology

Let's take a look at what you should do to stay safe against ransomware. Here are six simple steps to protect your data from cyber attacks:

☕ Why You Need Expert Microsoft Power Bi Implementation Partner?

Enterprise

What happens is that sometimes you may have a proper idea for the work you are working for but the execution is still not bringing that expected output as it should bring.

☕ Microsoft .NET PROJECT DEVELOPMENT: Advantages and things to consider before outsourcing

Enterprise

Outsourcing is the new trend in the world of business for the growth and efficiency of a company.

☕ Five Reasons That Support Azure IoT Edge To Be Industry’s Most Bright Edge Computing Platform

Trends

Last week, Microsoft announced the general availability of Azure IoT Edge, also the advantage computing platform that's been in functions for at least a year.

 
© Since 2003 - Cyber Infrastructure, "CIS" - Central India's Largest Technology Company.