{"id":86110,"date":"2025-07-23T14:18:09","date_gmt":"2025-07-23T14:18:09","guid":{"rendered":"https:\/\/www.europesays.com\/us\/86110\/"},"modified":"2025-07-23T14:18:09","modified_gmt":"2025-07-23T14:18:09","slug":"us-nuclear-weapons-agency-breached-using-microsoft-sharepoint-hack","status":"publish","type":"post","link":"https:\/\/www.europesays.com\/us\/86110\/","title":{"rendered":"US nuclear weapons agency breached using Microsoft SharePoint hack"},"content":{"rendered":"<p>The US government agency in charge of designing and maintaining nuclear weapons was among those breached by a <a data-i13n=\"cpos:1;pos:1\" href=\"https:\/\/www.engadget.com\/cybersecurity\/microsoft-sharepoint-server-vulnerability-puts-an-estimated-10000-organizations-at-risk-120006463.html\" data-ylk=\"slk:hack;cpos:1;pos:1;elm:context_link;itc:0;sec:content-canvas\" class=\"link \" target=\"_blank\" rel=\"noopener\">hack<\/a> of Microsoft&#8217;s SharePoint server software, <a data-i13n=\"cpos:2;pos:1\" href=\"https:\/\/www.bloomberg.com\/news\/articles\/2025-07-23\/us-nuclear-weapons-agency-breached-in-microsoft-sharepoint-hack\" rel=\"nofollow noopener\" target=\"_blank\" data-ylk=\"slk:Bloomberg;cpos:2;pos:1;elm:context_link;itc:0;sec:content-canvas\" class=\"link \">Bloomberg<\/a> reported. However, attackers weren&#8217;t able to obtain any sensitive or classified information, according to an unnamed source with knowledge of the matter.<\/p>\n<p>The breach occurred at the National Nuclear Security Administration, an arm of the Energy Department responsible for producing and dismantling nuclear arms. &#8220;On Friday, July 18th, the exploitation of a Microsoft SharePoint zero-day vulnerability began affecting the Department of Energy,&#8221; a spokesperson told Bloomberg. &#8220;A very small number of systems were impacted. All impacted systems are being restored.&#8221;<\/p>\n<p>The exploit only affects SharePoint for on-premises servers. The Department of energy said it was minimally impacted because it widely uses Microsoft M365 cloud &#8220;and very capable cybersecurity systems,&#8221; the spokesperson added.<\/p>\n<p>Microsoft blamed the attack on state-sponsored Chinese hackers. They reportedly exploited flaws in SharePoint document management software and were able to access and control systems and steal security credentials and tokens. &#8220;It&#8217;s a dream for ransomware operators,&#8221; Google&#8217;s Threat Intelligence Group said, adding that the flaw allows &#8220;persistent, unauthenticated access that can bypass future patching.&#8221;<\/p>\n<p>Attackers also accessed the US Education Department and Florida&#8217;s Department of Revenue, along with government systems in other nations including the Middle East and Europe. Microsoft <a data-i13n=\"cpos:3;pos:1\" href=\"https:\/\/x.com\/msftsecresponse\/status\/1947080327094042624\" rel=\"nofollow noopener\" target=\"_blank\" data-ylk=\"slk:announced;cpos:3;pos:1;elm:context_link;itc:0;sec:content-canvas\" class=\"link \">announced<\/a> on Monday that it had released a new security patch &#8220;to mitigate active attacks targeting on-premises [and not online] servers.&#8221;<\/p>\n","protected":false},"excerpt":{"rendered":"The US government agency in charge of designing and maintaining nuclear weapons was among those breached by a&hellip;\n","protected":false},"author":3,"featured_media":86111,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[64,58137,2294,36384,252,50,1697,56812,67,132,68],"class_list":{"0":"post-86110","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"tag-business","9":"tag-energy-department","10":"tag-gear","11":"tag-hack","12":"tag-microsoft","13":"tag-news","14":"tag-nuclear","15":"tag-sharepoint","16":"tag-united-states","17":"tag-unitedstates","18":"tag-us"},"share_on_mastodon":{"url":"https:\/\/pubeurope.com\/@us\/114902984549009074","error":""},"_links":{"self":[{"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/posts\/86110","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/comments?post=86110"}],"version-history":[{"count":0,"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/posts\/86110\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/media\/86111"}],"wp:attachment":[{"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/media?parent=86110"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/categories?post=86110"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/tags?post=86110"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}