malware-log.hatenablog.com
vul.hatenadiary.com
【概要】
| 項目 |
内容 |
|---|---|
| 被害組織数 | 400組織以上 |
| 主要な標的国家 | 米国 (13%以上) |
| インターネット上のSharePoint Server数 | 11,000 (ShadowServer) |
■被害組織
| 公表日 |
発生日 |
組織名 |
内容 |
|---|---|---|---|
| 2025/07/23 | 2025/07/18 | 国立核安全保障局 (NSA) | ネットワークに侵入 |
| 2025/07/18 | Department of Energy (DOE) | ごく限定的な SharePoint システム侵害 | |
| 2025/07/18 | Department of Homeland Security (DHS) | ||
| 2025/07/18 | National Institutes of Health (NIH) | ||
| 2025/07/18 | Department of Education | ||
| 2025/07/18 | フロリダ州政府 | サーバー侵害の報告あり | |
| 2025/07/18 | ロードアイランド州政府 | 議会 SharePoint サーバー侵害の模様 | |
| 2025/07/18 | California Independent System Operator(CA ISO) | 電力システム運用組織。SharePoint 攻撃で被害確認 | |
| 2025/07/18 | 400組織超 | ||
| 2025/008/15 | 2025/08/11 | カナダ下院 |
■攻撃組織
| 項目 |
内容 |
|---|---|
| Linen Typhoon | 知的財産の盗用を専門とする組織 |
| Violet Typhoon | スパイ活動を行う組織 |
| Storm-2603 | 7 月 18 日から Warlock ransomware を展開 |
【ニュース】
■2025年
◇2025年7月
◆US nuclear weapons agency hacked in Microsoft SharePoint attacks (BleepingComputer, 2025/07/23 11:14)
[米国核兵器機関、Microsoft SharePoint 攻撃でハッキング被害]
https://www.bleepingcomputer.com/news/security/us-nuclear-weapons-agency-hacked-in-microsoft-sharepoint-attacks/
⇒ https://incidents.hatenablog.com/entry/2025/07/23/000000
◆Microsoft SharePoint attacks ensnare 400 victims, including federal agencies (CyberScoop, 2025/07/24)
[Microsoft SharePoint の攻撃により、連邦政府機関を含む 400 の被害組織が出る]
https://cyberscoop.com/microsoft-sharepoint-attacks-400-victims-us-agencies/?utm_source=chatgpt.com
⇒ https://incidents.hatenablog.com/entry/2025/07/24/000000
◇2025年8月
◆Hackers exploit Microsoft flaw to breach Canada ’s House of Commons (SecurityAffairs, 2025/08/15)
[ハッカーが Microsoft の脆弱性を悪用してカナダ下院を侵害]
https://securityaffairs.com/181155/hacking/hackers-exploit-microsoft-flaw-to-breach-canada-s-house-of-commons.html
⇒ https://incidents.hatenablog.com/entry/2025/08/15/000000
【検索】
google: ToolShell
google: SharePoint
google:news: ToolShell
google:news: SharePoint
google: site:virustotal.com ToolShell
google: site:virustotal.com SharePoint
google: site:github.com ToolShell
google: site:github.com SharePoint
■Bing
https://www.bing.com/search?q=ToolShell
https://www.bing.com/search?q=SharePoint
https://www.bing.com/news/search?q=ToolShell
https://www.bing.com/news/search?q=SharePoint
https://twitter.com/search?q=%23ToolShell
https://twitter.com/search?q=%23SharePoint
https://twitter.com/hashtag/ToolShell
https://twitter.com/hashtag/SharePoint
【関連まとめ記事】
