#233 - Intel Chat: SharePoint, ToolShell, UK bans payment & cryptojacking

Update: 2025-07-31

Description

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.

A critical new SharePoint vulnerability is under mass exploitation, with attackers targeting on-premises SharePoint Server deployments to exfiltrate sensitive data, including authentication tokens.
And then directly related to the first story, Microsoft has now confirmed that at least three China-linked threat actors—Linen Typhoon, Violet Typhoon, and Storm-2603—were actively exploiting CVE-2025-49706 and CVE-2025-49704 a day before the company issued patches on July 8.
The UK government announced on July 22, 2025, that it plans to make ransomware payments illegal for public sector bodies and operators of critical national infrastructure (CNI).
In-browser cryptocurrency mining, often called crypto jacking, originally gained notoriety in 2017 when Coinhive introduced JavaScript-based mining for Monero.

Comments

In Channel

#243 - Defender Fridays: Detection prioritization via the BloodHound attack graph with Jared Atkinson, CTO at SpecterOps

2025-08-2933:16

#242 - Building human & AI synergy with Peter Ruta, Founder / CEO of Arcanna.ai

2025-08-2731:40

#241 - Intel Chat:Apache ActiveMQ, Elastic EDR vulnerability, kernel-level EDR killers & PipeMagic

2025-08-2636:40

#240 - Defender Fridays: Remote Management Tool Abuse with Ezra Woods, Security Engineer at Grand Canyon Education

2025-08-2329:05

#239 - Intel Chat: Scattered Spider or ShinyHunters, Linux kernel’s eBPF subsystem, MAPP & BlackSuit ransomware group

2025-08-1938:03

#238 - Defender Fridays: Building trusted ecosystems for incident response with Dr. Mike Saylor, CEO of Blackswan Cybersecurity

2025-08-1531:25

#237 - Intel Chat: Black Hat roundup - Gemini AI, NeuralTrust & SPLX, VisionSpace Tech, BCM5820X - & CISA/FEMA grant funding

2025-08-1142:37

#236 - Defender Fridays: Explore the Challenges of Securing AI Adoption with Jeremy Snyder, Founder and CEO of FireTail.ai

2025-08-0830:15

#237 - Intel Chat: Black Hat roundup - Gemini AI, NeuralTrust & SPLX, VisionSpace Tech, BCM5820X - & CISA/FEMA cyber grant funding

2025-08-0639:35

#234 - Defender Fridays: Autonomous SOC, AI for cybersecurity, and security automation with Filip Stojkovski, Staff Security Engineer at Snyk

2025-08-0229:17

#233 - Intel Chat: SharePoint, ToolShell, UK bans payment & cryptojacking

2025-07-3137:13

#232 - Defender Fridays: AI scarping and internal threat with Lera Leonteva, Founder of Leo AI

2025-07-2531:13

#231 - Intel Chat: CISCO CVE 10/10, Matanbuchus, Cambodian takedown & Overstep

2025-07-2228:17

#230 - Defender Fridays: Cyberphysical protection for high value assets with Lennart Koopman, Founder of

2025-07-1830:56

#229 - Intel Chat: IntelBroker, Hunters International, Brazilian insider, Ruckus Networks & Patch Tuesday

2025-07-1735:32

#228 - Defender Fridays: Building detection and response processes that scale with Ryan Cox, Senior Security Engineer at Revinate

2025-07-1128:52

#227 - Intel Chat: Sudo, browser vulns, Medusa & Cloudflare blocks AI

2025-07-0831:44

#225 - Defender Fridays: EDR, DFIR & endpoint triage with Brian Carrier, CEO of Sleauth Kit Labs

2025-06-2731:00

#224 - Intel Chat: OtterCookie, Flodrix, Water Curse & Scattered Spider

2025-06-2431:45

#223 - Defender Fridays: Maintaining the human touch in security operations with Hayden Covington, SOC SecOps Lead at BHIS

2025-06-2030:48

00:00

#233 - Intel Chat: SharePoint, ToolShell, UK bans payment & cryptojacking

#box-pro-ellipsis-175672954132042{-webkit-line-clamp:2;}#233 - Intel Chat: SharePoint, ToolShell, UK bans payment & cryptojacking

#233 - Intel Chat: SharePoint, ToolShell, UK bans payment & cryptojacking

#233 - Intel Chat: SharePoint, ToolShell, UK bans payment & cryptojacking