1. Forum
  2. Fidonet
  3. CONSPRCY

  • Canada's House of Commons

    From Mike Powell@1:2320/105 to All on Sat Aug 16 15:41:23 2025
    Canada's House of Commons hit by cyberattack, data possibly leaked online - could Microsoft SharePoint be to blame?

    Date:
    Fri, 15 Aug 2025 14:20:00 +0000

    Description:
    The Canadian government body is investigating a breach and data theft.

    FULL STORY

    Canadas House of Commons has reportedly suffered a cyberattack which saw it lose sensitive employee data.

    A CBC report, citing an internal email that the organization sent to its
    staff, says the attack saw an unidentified threat actor exploit a recent Microsoft vulnerability to access a database with information on employee computers and mobile devices.

    Among the data stolen in the attack was employee names, email addresses, job titles, office locations, and information about the devices they use.

    SharePoint under the magnifying glass

    At the moment, both the House of Commons and Canadas Communications Security Establishment (CSE) are investigating the issue.

    "Attribution of a cyber incident is difficult. Investigating cyber threat activity takes resources and time, and there are many considerations involved in the process of attributing malicious cyber activity," CSE apparently said
    in a statement.

    The organization told its employees to remain vigilant, and be wary of
    incoming communications.

    The details are scarce, but the House of Commons saying the attackers used a recent Microsoft vulnerability fueled speculation that it was done through an infamous SharePoint flaw which has been exploited recently.

    Canadas Cyber Centre recently issued a warning about a SharePoint Server flaw called ToolShell, tracked as CVE-2025-53770.

    ToolShell was first observed in late July 2025, and has been abused by
    multiple threat actors, including Chinese state-sponsored groups .

    Multiple high-profile organizations have already been compromised this way, including the US National Nuclear Security Administration, Rhode Island
    General Assembly, and many others.

    Via BleepingComputer

    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/canadas-house-of-commons-hit-by-cyberat tack-data-possibly-leaked-online-could-microsoft-sharepoint-be-to-blame

    $$
    --- SBBSecho 3.28-Linux
    * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)

Novedades:

Servidor de Quake 3 Arena Online! - Conectate a ferchobbs.ddns.net, puerto 27960 y vence con tu equipo!