Risky Business Risky Business #800 — The SharePoint bug may have leaked from Microsoft MAPP
34 snips
Jul 30, 2025 Daniel Cuthbert, a cybersecurity expert from Santander Bank, shares insights on the importance of telemetry for securing browser interactions. He highlights how Push Security enhances detection engineering, crucial for responding to threats. The conversation dives into the fallout from a serious SharePoint bug and its implications for organizations, including the US Department of Energy. Cuthbert discusses the importance of user authentication and the struggles many face in maintaining robust security measures amidst rising cyber threats.
AI Snips
Chapters
Transcript
Episode notes
Risks of MAPP Bug Leaks
- A SharePoint bug leaked possibly via the Microsoft MAPP program, aiding attackers to exploit it quickly.
- Leaks from private vulnerability disclosure programs like MAPP carry risks despite their overall utility.
SharePoint Bug Enables Ransomware
- The SharePoint vulnerability was used by Chinese attackers to deploy Warlock ransomware in addition to espionage.
- Over 400 organizations were breached using this bug, indicating wide impact beyond government espionage.
Tea App Security Fail Story
- The Tea app leaked sensitive data due to unsecured database storage and weak development practices.
- The app exposed IDs, selfies, and private messages, putting women at risk who used it for safety information.