"Two New Bugs Can Bypass Detection and Steal SharePoint Data"

Researchers have found two new Microsoft SharePoint flaws, posing a significant threat to businesses. These vulnerabilities could enable attackers to bypass audit logs, avoid triggering downloads, and exfiltrate SharePoint data. SharePoint is widely used in government and business, with an estimated 250,000 organizations relying on it for document and intranet management. The platform is particularly popular among Fortune 500 companies. Varonis Threat Labs revealed that attackers could evade the detection and enforcement policies of traditional tools such as cloud access security brokers, data loss prevention platforms, and security information event management systems. They could achieve this by disguising downloads as less suspicious access and sync events. This article continues to discuss the potential exploitation and impact of the Microsoft SharePoint flaws.

SC Magazine reports "Two New Bugs Can Bypass Detection and Steal SharePoint Data"

Submitted by grigby1