- Microsoft will no longer send proof-of-concept code to Chinese companies
- The alerts are part of the MAPP vulnerability alert system
- Many believe that the Chinese government was involved in the recent SharePoint attack
Access to Microsoft’s early warning system for cybersecurity vulnerabilities will be reduced for some companies after an attack campaign that exploited vulnerabilities in the company’s SharePoint platform to target 400 organizations.
Microsoft has restricted access for Chinese companies following suspicions that Beijing was involved in the attacks, and many believed that there was a leak in the Microsoft Active Protections Program (MAPP), the system Microsoft uses to alert security companies to threats so that they can avoid hacks and defend themselves proactively against attackers.
These vulnerabilities have now been patched, but they were previously observed in the wild being used to deploy ransomware. The flaw allowed attackers to extract cryptographic keys from Microsoft customers’ servers, which in turn allowed them to install programs on the server, including backdoors or malware.
In the wrong hands
Experts believe that the most likely scenario behind the explosion of SharePoint attacks is a dishonest member of the MAPP program, and as such, Microsoft will no longer send ‘proof-of-concept code’ to Chinese companies.
This refers to a demonstration of a concept that helps security teams prepare for an attack by adapting their systems.
TechRadar Pro has contacted Microsoft to ask for any update on its investigation, but the company has not offered a comment.
On the other hand, if threat actors are alerted to the defenders’ plans, they gain an advantage and can evolve their tactics.
Microsoft has identified the possibility of attackers exploiting the alert system: “That is why we take measures, both known and confidential, to avoid misuse.”
“We continually review the participants and suspend them or eliminate them if we discover that they violated their contract with us, which includes a prohibition of participating in offensive attacks,” the company confirmed.
Via PakGazette