@demiguru
Okay. But *I* AM NOT connecting the #Epstein FBI #SharePoint file exposure to that story. I appreciate you pointing out some possible false connections.
I'm looking ahead to how lists that we know DO exist, might end up in hands of groups OTHER than the FBI & DOJ.
Who might have them & how they might use them are all of interest to me.
@spocko
The #conspiracy-like part is connecting the #Epstein FBI #SharePoint file exposure to the recent #Chinese #zeroday #exploit, potentially implying it was either:
exploited intentionally,
the result of deep systemic failure,
or even deliberate mishandling tied to a broader cover-up.
There’s currently no #credible evidence backing that link. Misconfiguration is a more parsimonious explanation for the older #FBI case. #conspiracytheorists #infosec
@demiguru
What part is the conspiracy theory?
It appears some #SharePoint servers were venerable over a specific time period. Including #FBI servers?
https://www.muellershewrote.com/p/the-epstein-cover-up-at-the-fbi
"Additionally, the internal SharePoint site the bureau ended up using to distribute the files toward the end did not have the usual restricted permissions. This left the Epstein and Maxwell files open to viewing by a much larger group of people than previously thought."
Bondi's incompetence is real. How can we use it?
@spocko it’s #conspiracytheory. #Reuters reports #Microsoft is looking whether a leak from MAPP enabled #Chinese to exploit #SharePoint #vulnerabilities b4 fixes were fully in place.notifications went out on 6/24, 7/3, and 7/7; attack signs began on 7/7—the same day the final notification was issued. #TrendMicro called it the “likeliest scenario” that someone in the program weaponized that info. They pulled the trigger on the #exploit they had at hand bc time was running out.
Question for my #Infosec friends
@emptywheel talked about how FBI agents reviewing the #Epstein #Maxwell materials put together a list for #PamBondi & placed it on an internal #SharePoint server.
https://www.muellershewrote.com/p/the-epstein-cover-up-at-the-fbi
@briankrebs wrote about this #ZeroDay exploit 7-21-25 https://krebsonsecurity.com/2025/07/microsoft-fix-targets-attacks-on-sharepoint-zero-day/
Do you think a group has that info?
If so, what's the best way to use existence of that hacked list as POLITICAL leverage against DJT to get the full list out?
@nicolesandler https://www.youtube.com/live/thdaQyDzYFI?si=EjKSqi7B3cRCBIO4&t=4110
Microsoft Used China-Based Engineers to Support Product Recently Hacked by China https://www.propublica.org/article/microsoft-sharepoint-hack-china-cybersecurity #cybersecurity #Sharepoint #Microsoft #USGovernment #China
#Microsoft Used China-Based Engineers to Support Product Recently Hacked by #China
==
Microsoft announced that Chinese state-sponsored hackers had exploited vulnerabilities in its popular #SharePoint software but didn’t mention that it has long used China-based engineers to maintain the product.
#News #Tech #Cybersecurity #Government #Safety #privacy
https://www.propublica.org/article/microsoft-sharepoint-hack-china-cybersecurity
@davidgerard How about the "3 million agents" that have been created on Microsoft's cloud in the past year, according to their FY25 Q4 earnings call? Because in reality, the vast majority of the agents are like this: https://www.youtube.com/watch?v=hpeOjtcA3VY
Microsofts Sharepoint-Lücken: Die Zero-Days, die vielleicht gar keine waren
Die Angriffe auf Sharepoint-Server nutzten keine neuen sondern bekannte Lücken aus, für die es bereits Patches gab. Ob die geschützt hätten, ist jedoch offen.
"Blame a leak for #Microsoft #SharePoint attacks, researcher insists"
... July software updates didn't fully fix a couple of bugs, ...
How did the attackers, ... Chinese government spies, data thieves, and ransomware operators, know how to exploit the SharePoint CVEs ... bypass the #security fixes Microsoft released the following day?
https://www.theregister.com/2025/07/26/microsoft_sharepoint_attacks_leak/
The process of pre announcing bugs to authorities is now broken. Patch was incomplete. As usual with quick fixes
Wow, #sharepoint c'est vraiment de la 
.
Y'a des gens qui payent pour ça?! 
Hundreds of organizations breached by #SharePoint mass-hacks
https://techcrunch.com/2025/07/23/hundreds-of-organizations-breached-by-sharepoint-mass-hacks/
Angriff auf #SharePoint & Stimme geklaut – mit “Tech like Vera” - #They_Talk_Tech – mit Eckert und Wolfangel - #Podcast:
Ein #Microsoft- Desaster rollt durchs Netz: Eine Lücke in #SharePoint wird zur globalen #Angriffswelle und hat einen seltsamen Ursprung: einen #Hacker- #Wettbewerb in #Berlin. Was genau passiert ist, warum hunderte Server kompromittiert wurden klären Svea und Eva in dieser Folge.
Oh wow, someone already made #Metasploit modules that target CVE-2025-53770 and CVE-2025-53771 in the recent #SharePoint 0-Day vulnerabilities
La faille ayant mis SharePoint à terre viendrait d’un partenaire de sécurité informatique de Microsoft http://dlvr.it/TM6m4R #Microsoft #SharePoint
This Week in Security: Sharepoint, Initramfs, and More - There was a disturbance in the enterprise security world, and it started with a Pw... - https://hackaday.com/2025/07/25/this-week-in-security-sharepoint-initramfs-and-more/ #thisweekinsecurity #hackadaycolumns #securityhacks #secureboot #sharepoint #linux
