#233 - Intel Chat: SharePoint, ToolShell, UK bans payment & cryptojacking

Update: 2025-07-31

Description

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.

A critical new SharePoint vulnerability is under mass exploitation, with attackers targeting on-premises SharePoint Server deployments to exfiltrate sensitive data, including authentication tokens.
And then directly related to the first story, Microsoft has now confirmed that at least three China-linked threat actors—Linen Typhoon, Violet Typhoon, and Storm-2603—were actively exploiting CVE-2025-49706 and CVE-2025-49704 a day before the company issued patches on July 8.
The UK government announced on July 22, 2025, that it plans to make ransomware payments illegal for public sector bodies and operators of critical national infrastructure (CNI).
In-browser cryptocurrency mining, often called crypto jacking, originally gained notoriety in 2017 when Coinhive introduced JavaScript-based mining for Monero.

Comments

In Channel

#250 - Intel Chat: PromptLock, "Shai-Hulud", EdisonWatch & FileFix campaign

2025-09-2236:30

#249 - Defender Fridays: Security State of Affairs with Cliff Janzen, CISO and VP of Security Services at Arctiq

2025-09-1932:20

#248 - Predictive vs. Reactive Cybersecurity with Robert Boles, Founder / CEO of BLOKWORX

2025-09-1739:12

#247 - Intel Chat: JavaScript high-profile phishing, Red Sea cable cutting, Contagious Interview campaign & Salty2FA

2025-09-1534:08

#246 - Defender Fridays: AI in the SOC with Matt Bromiley from Prophet Security

2025-09-1232:45

#245 - Intel Chat: Salt Typhoon, Scattered LapSus Hunters, WhatsApp vulnerability & AI-assisted compromise

2025-09-0834:56

#244 - Intel Chat: Trend Micro Apex One, PyPI domains, RingReaper & Openbaar Ministrie attack

2025-09-0129:53

#243 - Defender Fridays: Detection prioritization via the BloodHound attack graph with Jared Atkinson, CTO at SpecterOps

2025-08-2933:16

#242 - Building human & AI synergy with Peter Ruta, Founder / CEO of Arcanna.ai

2025-08-2731:40

#241 - Intel Chat:Apache ActiveMQ, Elastic EDR vulnerability, kernel-level EDR killers & PipeMagic

2025-08-2636:40

#240 - Defender Fridays: Remote Management Tool Abuse with Ezra Woods, Security Engineer at Grand Canyon Education

2025-08-2329:05

#239 - Intel Chat: Scattered Spider or ShinyHunters, Linux kernel’s eBPF subsystem, MAPP & BlackSuit ransomware group

2025-08-1938:03

#238 - Defender Fridays: Building trusted ecosystems for incident response with Dr. Mike Saylor, CEO of Blackswan Cybersecurity

2025-08-1531:25

#237 - Intel Chat: Black Hat roundup - Gemini AI, NeuralTrust & SPLX, VisionSpace Tech, BCM5820X - & CISA/FEMA grant funding

2025-08-1142:37

#236 - Defender Fridays: Explore the Challenges of Securing AI Adoption with Jeremy Snyder, Founder and CEO of FireTail.ai

2025-08-0830:15

#237 - Intel Chat: Black Hat roundup - Gemini AI, NeuralTrust & SPLX, VisionSpace Tech, BCM5820X - & CISA/FEMA cyber grant funding

2025-08-0639:35

#234 - Defender Fridays: Autonomous SOC, AI for cybersecurity, and security automation with Filip Stojkovski, Staff Security Engineer at Snyk

2025-08-0229:17

#233 - Intel Chat: SharePoint, ToolShell, UK bans payment & cryptojacking

2025-07-3137:13

#232 - Defender Fridays: AI scarping and internal threat with Lera Leonteva, Founder of Leo AI

2025-07-2531:13

#231 - Intel Chat: CISCO CVE 10/10, Matanbuchus, Cambodian takedown & Overstep

2025-07-2228:17

00:00

#233 - Intel Chat: SharePoint, ToolShell, UK bans payment & cryptojacking

#box-pro-ellipsis-175924818191884{-webkit-line-clamp:2;}#233 - Intel Chat: SharePoint, ToolShell, UK bans payment & cryptojacking

#233 - Intel Chat: SharePoint, ToolShell, UK bans payment & cryptojacking

#233 - Intel Chat: SharePoint, ToolShell, UK bans payment & cryptojacking