Urgent Security Alert: A Flaw in Microsoft SharePoint Puts Thousands of Organizations at Risk

A newly discovered, serious security flaw in a popular Microsoft product is being used by hackers to attack organizations around the world. The vulnerability is in Microsoft SharePoint, a tool many businesses use to share and manage documents. Here’s a simple breakdown of what’s happening and what you need to do to stay safe.

What is the Threat?

Think of your company's computer server as a secure building. Hackers have found a brand-new, unguarded door in servers that run a specific version of Microsoft SharePoint. This isn't just a minor issue; this flaw allows attackers to get inside, take control of the server, read, copy, or delete sensitive files, and potentially use that access to cause further damage across your network.

Because this flaw was unknown to Microsoft until the attacks started, there was no pre-built defense, making the threat particularly dangerous.

Is Your Organization at Risk?

This security flaw affects organizations that run their own on-premises SharePoint servers. In simple terms, if your company has its own physical servers in your office or data center running SharePoint, you are likely at risk.

The good news is that cloud-based services like SharePoint Online (part of Microsoft 365 or Office 365) are not affected.

The attacks seem to be widespread and random, hitting thousands of organizations of all sizes, from government agencies to small businesses.

What You Need to Do Immediately

Microsoft has released security fixes, but it's crucial to act fast. Here are the most important steps to take:

1. Update Immediately: Your IT department needs to install the latest security updates from Microsoft as soon as possible. This will patch the vulnerability and close the "unguarded door" the hackers are using.

2. Ensure Security Tools are Active: Microsoft provides built-in security tools like the Antimalware Scan Interface (AMSI) and Microsoft Defender. Your IT team should ensure these features are turned on and running correctly on your SharePoint servers.

3. Change the Locks (A Crucial Step!): Even after installing the update, you're not done. Think of it like this: even after fixing the door, someone might have already made a copy of the key. Your IT team must "change the digital locks" on the server to ensure any hackers who previously got in are kicked out for good. Simply installing the update is not enough.

4. Consider Disconnecting: If for some reason your organization cannot apply the updates right away, the safest course of action is to temporarily disconnect your SharePoint server from the internet to prevent an attack.

This is a serious and active threat. If you are unsure whether your organization is affected or how to perform these steps, we strongly urge you to take action now.

Microsoft: A History of Blunders

This SharePoint vulnerability is not an isolated incident. It's the latest in a series of security failures and questionable decisions that have raised serious concerns about Microsoft's priorities and security culture.

In April 2024, a U.S. Cyber Safety Review Board report declared that a 2023 breach of Microsoft's cloud email, which compromised the accounts of U.S. government officials, "was preventable and should never have occurred." The board concluded that Microsoft's "security culture was inadequate and requires an overhaul." That attack was attributed to a China-linked hacking group.

Adding to these concerns, it was recently revealed that Microsoft had been using engineers based in China to help maintain sensitive cloud computing systems for the U.S. Department of Defense. This practice, which relied on U.S. citizen "digital escorts" with security clearances to oversee the work, was flagged as a major national security risk. The escorts often lacked the technical expertise to verify the code they were implementing, creating a potential opening for espionage. In response to the outcry, the Defense Secretary ordered a review, and Microsoft announced it would immediately stop using China-based engineers for these services.

These events paint a troubling picture. For a company at the heart of the global technology ecosystem, these recurring issues suggest a pattern of prioritizing features and convenience over fundamental security, leaving customers, including government agencies, exposed to significant risks.

Sources:

• Washington Post

• AP News

• CRN

• ProPrublica

Intro:

No, this isn’t a cooking blog where I tell you how to fry up your favorite fishy foods. Trust me, you wouldn’t want that advice from me anyway. Instead, we’ll be serving up security insights ranging from local to global threats, and physical and cyber security topics. On this month’s menu:

Canada Bans Hikvision

In a move that mirrors actions taken by the United States and other allied nations, the Canadian government has ordered the shutdown of the Canadian operations of the Chinese state-owned technology manufacturer, Hikvision (also known as Hangzhou Hikvision Digital Technology Co.). The company's surveillance equipment has been a source of growing security concerns in the West.

The ban in Canada follows a 2022 decision by the U.S. Federal Communications Commission (FCC) to ban the sale and import of new communications equipment from five Chinese companies, including Hikvision. The U.S. has cited concerns that the company's products could be used by the Chinese government for surveillance, posing a security risk. This sentiment has been echoed by other countries, leading to a growing list of nations that have implemented full or partial bans on the use of Hikvision technology, particularly in government facilities. These concerns stem from the close ties between the company and the Chinese government, as well as the potential for backdoors in the technology that could allow for unauthorized access to sensitive information.

Takeaway:

I still see these cameras everywhere, usually it’s an older installation on smaller buildings, like retail shops. Yes, these cameras may have been a cheap lifeline a decade ago when those shops needed security. Good on them for moving forward with some form of surveillance system. But, it’s time to wake up — we’re in a cold war with China, and saving a buck on their cheap hardware could come at a future cost that I’m not willing to pay.

Do yourself and your fellow Americans a favor and upgrade that ancient system to a more reputable solution.

Source:

•  reuters.com

• ipvm.com

Mother of all dDOS!

In a stark reminder of the ever-present threat of cyberattacks, Cloudflare recently thwarted a record-breaking 7.3 terabits-per-second (Tbps) Distributed Denial-of-Service (DDoS) attack. This massive assault, aimed at a hosting provider, highlights the critical importance of individual and collective responsibility in securing our network-connected devices. The attack, which was 12% larger than the previous record, was largely comprised of a UDP (User Datagram Protocol) flood, a common method for overwhelming a target's servers with a deluge of traffic.

The attack delivered 37.4 TB (terabytes) of data in just 45 seconds. For comparison, this is equivalent to streaming 7,500 hours of HD video… in 45 seconds — Talk about binge watching…

The Hidden Danger of Unsecured Devices

The most alarming aspect of such attacks is that they are often carried out by botnets, which are vast networks of compromised devices. These devices, which can include everything from routers and security cameras to smart home gadgets, are often exploited due to weak or default passwords, unpatched vulnerabilities, and a general lack of security awareness. Once infected, these devices become "zombies" in a botnet army, ready to be weaponized for large-scale DDoS attacks, data theft, and other malicious activities. The sheer number of these devices, with an estimated 27 billion IoT devices expected by 2025, creates a massive and readily available pool of resources for cybercriminals.

Taking Ownership of Our Digital Lives

This incident underscores the urgent need for a paradigm shift in how we approach the security of our connected devices. While it may seem like a daunting task, there are several simple yet effective steps that everyone can take to protect themselves and contribute to a more secure digital ecosystem:

• Change Default Passwords: The first and most crucial step is to change the default passwords on all your devices. Use strong, unique passwords for each device and account.

• Keep Software Updated: Regularly update the firmware and software on all your devices to ensure they are patched against the latest vulnerabilities.

• Enable Multi-Factor Authentication (MFA): MFA adds an extra layer of security by requiring a second form of verification, making it much harder for unauthorized users to access your accounts.

• Secure Your Wi-Fi Network: Change your router's default settings, use strong encryption (WPA3 is recommended), and create a separate guest network for visitors and less secure IoT devices.

• Be Mindful of What You Connect: Before connecting a new device to your network, consider its security features and the manufacturer's reputation.

By taking these proactive measures, we can reclaim ownership of our network-connected devices and prevent them from being used as pawns in the escalating cyberwar. It's not just about protecting our own data and privacy; it's about contributing to a safer and more resilient internet for everyone.

Sources:

•  thehackernews.com

• bleepingcomputer.com

Shifting Gears to defense

In a chaotic scene underscoring a dangerous trend, a South Los Angeles AutoZone was ransacked by a large mob, an incident authorities believe was connected to a nearby street takeover. This marks the second time in a year the same location has been hit in this manner, where the lawless energy of the illegal car rally spilled over into opportunistic crime, causing what police estimate to be hundreds of thousands of dollars in damage and stolen merchandise.

This event is a stark illustration of why target hardening is no longer an optional security measure, but an essential business strategy, especially in environments with predictable risks.

Why Target Hardening is Crucial

Target hardening is the practice of making a location more difficult for criminals to attack. The recent AutoZone looting, where a crowd tore through a metal fence and shattered glass, highlights a critical vulnerability: being a "soft target." In high-energy, mob-mentality situations like a street takeover, the crowd will exploit the path of least resistance. A business that appears difficult to breach is often bypassed for an easier one.

Key target hardening measures that are crucial in these environments include:

• Reinforced Barriers: Upgrading doors, windows, and fencing is the first line of defense. This can include installing security window films that prevent glass from shattering, roll-down metal security shutters for after-hours protection, and reinforced door frames that can withstand significant force.

• Access Control: Limiting points of entry and controlling who can get in and out, even during business hours, can deter a mob. While challenging for retail, solutions like controlled-entry door systems can be considered in high-risk locations.

• Visible Security: The presence of high-quality, visible surveillance cameras and prominent signage advertising an alarm system can act as a psychological deterrent. While it may not stop a determined mob, it can make some participants think twice and aids law enforcement in identifying suspects later.

• Layered Defenses: No single measure is foolproof. A layered approach combining physical barriers, surveillance, alarms, and a well-rehearsed emergency plan provides the most robust protection. If one layer is breached, the next is already in place to delay criminals and alert authorities.

• Kick It Up a Notch: If you want to go the extra mile, there are more proactive, advanced solutions such as fog systems, strobes, and sirens that are sure to make perpetrators second-guess why they are there. These systems can avert a break-in altogether, or buy you valuable time as law enforcement arrive.

For businesses in areas prone to volatile events like street takeovers, assuming "it won't happen to me" is a costly gamble. The AutoZone incident is a clear signal that the chaos of these gatherings can quickly escalate, and only by proactively hardening their defenses can businesses protect their property, their employees, and their livelihood from becoming collateral damage.

Source: ktla.com

The Moneyball Misplay

Hollywood headlines once again blur with police blotters as Brad Pitt's Los Feliz home was ransacked by a burglary crew, marking yet another high-profile attack on a California luminary. The incident, where three suspects reportedly scaled a fence and smashed a window, is the latest in a string of brazen crimes targeting the rich and famous, leaving many to wonder about a puzzling paradox: why do individuals with immense wealth so often appear to be reactive, rather than proactive, when it comes to their personal security?

This question becomes even more pointed when viewed alongside the recent, horrifically violent home invasion at the Montecito estate of Beanie Babies billionaire Ty Warner. In that case, an intruder broke in, brutally attacked a staff member, and barricaded himself inside while Warner was present.

These incidents highlight a baffling vulnerability. For a fraction of their net worth—the cost of a luxury car or a weekend getaway—these individuals could implement robust, multi-layered security systems. This goes beyond a simple alarm. It means "target hardening": installing shatter-proof windows, reinforced doors, high-tech motion sensors, and, most importantly, a trained and visible security detail.

The reluctance to invest in such proactive measures is a dangerous gamble. It seems to stem from a belief that "it won't happen to me," or perhaps a desire to maintain a sense of normalcy, free from the overt presence of security. But as these repeated and escalating intrusions demonstrate, in today's environment, wealth and fame alone are not deterrents—they are magnets. Without a formidable, visible defense, these sprawling estates are not fortresses, but glittering, soft targets waiting to be hit. The cost of a break-in is no longer just stolen property; it's a violent intrusion that shatters peace of mind and, as seen in the Warner case, can have devastating, life-altering consequences.

Source: ktla.com

What’s New:

Ubiquiti is one of the fastest-growing players in the security manufacturing space, highlighted by its license-free business model. This makes the Ubiquiti ecosystem very cost-friendly, and it only gets better from there.

In their latest release, they have implemented some amazing features that puts their software on par with some of the biggest manufacturers in the space. Here is the official release from Ubiquiti if you want to check it out:

If you’re looking for a detailed breakdown, I’ll hit some of the highlights in this article. If you are a visual learner, here’s another great video showing you where and how to access some of these features:

Here’s the Highlights:

• Spotlights

  • Spotlights allow you to quickly access any new recordings of a specific type. Whether you want to highlight known faces, vehicles, or any new activity, it’s all readily accessible from the spotlights tab. Think of this as an easy and clean way to filter through your latest notifications. You can also set a duration for each spot light if you don’t want it on indefinitely.

  • AI spotlights require an AI Key. With AI spotlights, you can use plain text to highlight anything within your recordings. Using the example in the above video, he uses “cats” as his spotlight search. Now, anytime a cat is present in the recording, it will be present as a spotlight in the dashboard and readily accessible without any further digging.

• Dwell Time

  • Under highlights from the live view, you can now toggle dwell time to see how long a person, object, or animal has been present.

• Smart Object Search

  • Another feature requiring the AI Key, but is super convenient, is the smart object search. Using this, you can easily find footage of a smart detection object. Simply pause the recording when a smart detection is present, click “AI Summary”, and click on the highlighted detection once the scan is complete. This will bring up past footage of that object. Currently, this is only available for people detections, but expect this feature to be available for vehicles in a near future update.

• Plain-text Search

  • With the AI Key in the “Find Anything” tab, you can use plain text to search through your recordings. This is one of the better features in the update that really puts Ubiquiti on par with other manufacturers in the space. There are many filters to choose from in the Find Anything tab, but in essence, you can simply search through your recordings using plain language. For instance, if you typed “male wearing a black hoodie and sunglasses,” all recordings fitting that description would appear. You can even search vehicles by brand.

• Timeline Updates

  • Grid search

    • You can now highlight certain areas within a recording to further define your search. This is great if you have a known location, like a parked vehicle, package, etc., that you need to locate. See the image below for an example.

  • Object Counting

    • Within the “Playback” tab, you can further filter through different detection types within a specified time range. In addition, you can get an exact count of events by time. This is great in a retail setting to track busy times, see how many window shoppers you have via the loitering detection, etc.

  • Multi-cam Playback

    • If you want to scrub through multiple camera recording streams at once, you can now do so. Albeit with limited functionality compared to the other options highlighted in this article. To do so, simply click “Multi-Camera Playback” in the dashboard (highlighted by the red arrow below).

• System Logs

  • System logs now offer a much more granular look at all events across the platform. So much so, you can see exactly how long a user viewed a stream to the second. You can further sort through the additional logs via “Devices,” “Users,” and “Categories,” such as detections by type, site activity, admin activity, and more. Essentially, nothing will be missed, making this update one step closer to an enterprise-friendly platform.

Summary:

These are some very powerful updates released with UniFi Protect 6.0! I expect additional functionality to be added in future updates to supplement this impressive software release. If you don’t have an AI Key, this might be the catalyst needed to get one!

See the full press release here.

A Gilded Cage Cracked Open

The news sent a ripple of shock through the affluent enclaves of Southern California and beyond: in late May 2025, the Montecito mansion of Ty Warner, the billionaire creator of the Beanie Babies empire, was the scene of a violent home invasion. While the 80-year-old tycoon was present, a woman in the home was brutally attacked and left in a coma. The alleged assailant, a man from Nevada, managed to breach the perimeter of a home owned by a man worth an estimated $6 billion, according to Forbes.

The incident, which occurred on Fairway Road in the celebrity-studded community, has left many asking a startlingly simple, yet complex question: How does a billionaire, with access to virtually unlimited resources, fall victim to a home invasion?

The Paradox of Protection: Why the Wealthy Can Be Vulnerable

On the surface, it seems inconceivable. We imagine the homes of billionaires as modern-day fortresses, replete with towering gates, motion-sensing cameras, and a private security force. While the specifics of Warner's security are not publicly known, the successful intrusion begs a deeper look into the potential vulnerabilities that can exist even at the highest echelons of wealth.

Several factors could be at play. Complacency can be a silent security threat. A long period without incident can lull anyone, regardless of their net worth, into a false sense of security. The "it won't happen to me" mentality can be a powerful and dangerous blinder.

Furthermore, the very nature of a sprawling, luxurious estate can present its own set of challenges. Multiple points of entry, extensive grounds, and a rotating cast of staff and service providers can create a complex security landscape that is difficult to manage flawlessly. Human error, a universal vulnerability, can also play a role, from a gate left momentarily unsecured to a security protocol not strictly followed.

Obscurity is No Longer Security

For generations, one of the most effective security tools for the wealthy was privacy—a shield of obscurity. The less people knew about you, your routines, and your property, the safer you were. However, relying on obscurity will not protect you in this digital age. It is a dangerously outdated strategy.

Today, a wealth of open-source information is easily accessible to anyone with an internet connection. Public records, social media activity, and online maps provide a treasure trove of data for those with malicious intent. A determined individual can digitally case a property, study its layout, and identify potential weaknesses from miles away. The idea of a truly private life, especially for a public figure like a billionaire, has all but vanished.

In the immediate aftermath of the attack on Warner's home, this modern reality was starkly illustrated. Several news outlets, in their reporting of the horrific event, included clear aerial and ground-level images of the sprawling estate. This coverage, while informing the public, further diluted the shroud of privacy that once offered a layer of protection. Every published photo and video clip served as free reconnaissance, broadcasting the property's features and potential vulnerabilities to a global audience. The belief that one can remain a ghost while living in a palace is a fantasy, and a perilous one at that.

A New Era of Security Consciousness

The violent intrusion at Ty Warner's home is a brutal reminder that wealth alone is not a shield. In an age where criminal tactics are becoming increasingly sophisticated and privacy is all but gone, a proactive and multi-layered approach to security is paramount. This includes not only the physical barriers of gates and guards but also a keen understanding of the technological threats that can silently dismantle those defenses.

For high-net-worth individuals, this means investing in security solutions that can detect and counteract signal jamming, employing robust cybersecurity measures to protect smart home systems, and fostering a culture of constant vigilance. For the rest of us, it is a wake-up call to the evolving nature of crime and the importance of understanding the vulnerabilities in our own connected lives.

The tragic events in Montecito should serve as a catalyst for a broader conversation about security in the 21st century. As the tools of criminality become more advanced, our approach to protecting ourselves, our homes, and our communities must evolve in tandem.

Sources:

• KSBY.com

• ABCnews.go.com

• Noozhawk.com

• Forbes.com

Montecito, CA - In a decisive move to counter a surge in brazen burglaries, the Rosewood Miramar Beach resort has announced it will fully fund and house a new Santa Barbara County Sheriff's substation. This unprecedented partnership comes as a direct response to growing community frustration over crime and law enforcement response times in the affluent enclave.

The need for a heightened law enforcement presence has been acutely felt in communities like Birnam Wood, where residents have been targeted by sophisticated criminal rings. These are not your average smash-and-grab operations. Law enforcement officials have identified the perpetrators as well-organized groups, some allegedly with ties to "South American Theft Groups" (SATG), who carry out meticulous surveillance of their targets. These groups often use hidden game cameras or camouflaged cell phones to surveil potential targets.

These groups are known to study the routines of homeowners, often striking when they are away, even for a short dinner. Their methods are increasingly high-tech, employing signal jamming technology to disable Wi-Fi-based security systems and cameras, effectively rendering them useless. This allows them to operate undetected, swiftly entering homes and making off with valuables before any alarm can be raised.

The brazenness of these crimes was recently highlighted by a violent home invasion at the estate of Beanie Babies billionaire Ty Warner, which left a woman seriously injured and sent shockwaves through the community. While a suspect from Nevada was apprehended in that case, it underscored the vulnerability of even the most seemingly secure residences.

The new sheriff's substation, to be located at the Rosewood Miramar and just a mile away from the Upper Village, aims to provide a much-needed, visible deterrent and significantly reduce response times. The Montecito Association had been actively fundraising for a substation, a testament to the community's collective desire for enhanced security. Rosewood Miramar's generous offer to take on the full financial and logistical responsibility for the substation has been met with widespread community support.

The conversation around the root causes of this crime wave is complex. Some community members and law enforcement sources have pointed to the potential for international criminal organizations to exploit perceived "open-border policies," allowing individuals to enter the country and participate in these lucrative burglary rings. This perspective suggests a need for a broader examination of how transnational crime is impacting local communities.

Regardless of the complex factors at play, the residents of Montecito and surrounding areas are taking a proactive stance. The establishment of the new sheriff's substation is a clear message that the community will not stand idly by. By combining increased law enforcement presence with resident vigilance and the adoption of more robust, hardwired security measures that are impervious to signal jammers, Montecito is building a stronger defense against those who seek to threaten its safety and peace of mind.

What Else Can Be Done?

A Layered Security Approach for a Modern Threat

No single solution is foolproof. A comprehensive home security strategy integrates multiple layers of defense:

Physical Security: This is your first line of defense.

• Reinforce Doors and Windows: Install heavy-duty deadbolt locks on all exterior doors. Use security film on ground-floor windows and glass doors to make them more difficult to shatter.

• Secure Gates and Garages: Always keep side gates locked and your garage door closed and secured.

Electronic Security: This is your alert system

• Monitored Alarm System: A professionally monitored system with cellular backup is the gold standard.

1. Multi-band signal jamming sensors can be added to your alarm system to alert authorities

• Comprehensive Camera Coverage: Install high-quality, hardwired cameras that cover all entry points and approaches to your home.

1. Add video monitoring to enhance your perimeter security and provide video verification for your alarm system

Procedural Security: This involves your habits and community engagement

• Vigilance and Awareness: Be observant of unfamiliar vehicles or individuals in your neighborhood and report suspicious activity to law enforcement immediately.

• Illusion of Occupancy: When you are away, use smart home technology or simple timers to turn lights, a radio, or a television on and off to create the impression that someone is home.

• Digital Hygiene: Avoid posting vacation plans or real-time updates of your whereabouts on social media. This can be an open invitation to burglars who may already be surveilling your home.

By implementing a robust and multi-layered security plan, homeowners can significantly decrease their vulnerability to these organized and technologically adept criminal groups. The key is to make your home as difficult and unpredictable a target as possible, encouraging would-be burglars to move on to easier pickings.

Sources:

• Noozhawk.com

• Montecitoassociation.org

• Montecitojournal.net

• Local12.com