CyberSecurityBoard
Sponsor Register Login

Hijacked Microsoft Stream classic domain spams SharePoint sites

The legacy domain for Microsoft Stream was hijacked to show a fake Amazon site promoting a Thailand casino, causing all SharePoint sites with old embedded videos to display it as spam. Today, the Microsoft Streams classic domain, microsoftstream.com, was hijacked to display a website imitating Amazon that acts as a phishing page for a Thai online casino, as shown below. As a result of the hijack, SharePoint servers that still had embedded videos from the classic microsoftstream.com domain, were now seeing this spam page in pages. "This afternoon, a user reported a suspicious website on our intranet, that is using microsoftstream.com. After some analysis, it turns out the domain is currently redirecting to a sketchy website signed by 'Ibiza99'," reported a SharePoint admin on Reddit. Microsoft Stream is an enterprise video streaming service that allows organizations to upload and share videos in Microsoft 365 apps, such as Teams and SharePoint. Domain Name: MICROSOFTSTREAM.COM Registry Domain ID: 2027086511_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.comlaude.com Registrar URL: Updated Date: 2025-03-27T02:46:29Z Creation Date: 2016-05-09T22:38:37Z Registry Expiry Date: 2025-05-09T22:38:37Z Registrar: Nom-iq Ltd.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 27 Mar 2025 23:15:14 +0000


Cyber News related to Hijacked Microsoft Stream classic domain spams SharePoint sites

Microsoft Fix Targets Attacks on SharePoint Zero-Day – Krebs on Security - In an advisory about the SharePoint security hole, a.k.a. CVE-2025-53770, Microsoft said it is aware of active attacks targeting on-premises SharePoint Server customers and exploiting vulnerabilities that were only partially addressed by the July 8, ...
4 months ago Krebsonsecurity.com CVE-2025-53770
Hijacked Microsoft Stream classic domain spams SharePoint sites - The legacy domain for Microsoft Stream was hijacked to show a fake Amazon site promoting a Thailand casino, causing all SharePoint sites with old embedded videos to display it as spam. Today, the Microsoft Streams classic domain, microsoftstream.com, ...
8 months ago Bleepingcomputer.com
SharePoint 0-day Vulnerability Exploited in Wild by All Sorts of Hacker Groups - File Indicators of Compromise (IoCs) SHA-1FilenameDetectionDescriptionF5B60A8EAD96703080E73A1F79C3E70FF44DF271spinstall0.aspxMSIL/Webshell.JSWebshell deployed via SharePoint vulnerabilities Network Indicators of Compromise (IoCs) IP ...
4 months ago Cybersecuritynews.com
Microsoft SharePoint zero-day exploited in RCE attacks, no patch available - The Microsoft SharePoint zero-day attacks were first identified by Dutch cybersecurity firm Eye Security, which told BleepingComputer that over 75 companies have already been compromised by the attacks. In May, Viettel Cyber Security researchers ...
4 months ago Bleepingcomputer.com CVE-2025-49706
Microsoft Releases Mitigations and Threat Hunting Queries for SharePoint Zero-Day - Thousands of organizations worldwide face active cyberattacks targeting Microsoft SharePoint servers through two critical vulnerabilities, prompting urgent government warnings and emergency patches. Microsoft released emergency security updates on ...
4 months ago Cybersecuritynews.com CVE-2025-53770
Microsoft Incident Response lessons on preventing cloud identity compromise - Microsoft Incident Response is often engaged in cases where organizations have lost control of their Microsoft Entra ID tenant, due to a combination of misconfiguration, administrative oversight, exclusions to security policies, or insufficient ...
1 year ago Microsoft.com
Microsoft says button to restore classic Outlook is broken - Since the beginning of the year, it has addressed other Outlook issues, including one that causes classic Outlook to crash when writing, replying to, or forwarding an email, and another one that led to Classic Outlook and Microsoft 365 applications ...
8 months ago Bleepingcomputer.com
Cypher Queries in BloodHound Enterprise - Our first use case is identifying Domain Trusts that exist within an environment. Our specific query here, Map Domain Trusts can be selected which automatically populates the search window with the built-in query. Selecting Search will then return a ...
1 year ago Securityboulevard.com
Critical SharePoint RCE Vulnerability Exploited Using Malicious XML Payload Within Web Part - The vulnerability highlights the critical importance of secure deserialization practices in enterprise applications and the need for comprehensive security reviews of complex application frameworks like SharePoint. According to the Viettel Security ...
4 months ago Cybersecuritynews.com
Toward Ending the Domain Wars: Early Detection of Malicious Stockpiled Domains - The two main advantages of detecting stockpiled domains are expanding coverage of malicious domains and providing patient-zero detections as attackers stock up on domains for future use. As of July 2023, our detection pipeline has found 1,114,499 ...
1 year ago Unit42.paloaltonetworks.com
Chinese Hackers Actively Exploiting SharePoint Servers 0-Day Vulnerability in the Wild - The tech giant’s Security Response Center reported coordinated attacks targeting internet-facing SharePoint installations using newly disclosed vulnerabilities that enable authentication bypass and remote code execution. Microsoft has released ...
4 months ago Cybersecuritynews.com CVE-2025-53770
Microsoft Released an Emergency Security Update to Patch a Critical SharePoint 0-Day Vulnerability - Microsoft has issued an urgent security advisory addressing critical zero-day vulnerabilities in on-premises SharePoint Server that attackers are actively exploiting. Microsoft Defender for Endpoint generates specific alerts, including ...
4 months ago Cybersecuritynews.com CVE-2025-53770
Explained: Domain fronting - Domain fronting is a technique of using different domain names on the same HTTPS connection. Put simply, domain fronting hides your traffic when connecting to a specific website. The technique became popular in the early 2010s in the mobile app ...
2 years ago Malwarebytes.com
New SharePoint flaws help hackers evade detection when stealing files - Researchers have discovered two techniques that could enable attackers to bypass audit logs or generate less severe entries when downloading files from SharePoint. Microsoft SharePoint is a web-based collaborative platform that integrates with ...
1 year ago Bleepingcomputer.com
How to manage a migration to Microsoft Entra ID - Microsoft Entra ID, formerly Azure Active Directory, is not a direct replacement for on-premises Active Directory due to feature gaps and alternative ways to perform similar identity and access management tasks. For some organizations, a move to ...
1 year ago Techtarget.com
Microsoft SharePoint Server 0-Day Hack Hits African Treasury, Companies, and University - The attack specifically targets on-premise SharePoint installations, exploiting previously unknown security flaws that allowed threat actors to infiltrate critical infrastructure systems belonging to government agencies, educational institutions, and ...
4 months ago Cybersecuritynews.com
Microsoft investigates ongoing SharePoint Online access issues - Microsoft also mitigated a Microsoft 365 incident in April, which caused SharePoint Online users to experience delays or failures during searches, and another one in June when users opening SharePoint Online or OneDrive-hosted files in File Explorer ...
5 months ago Bleepingcomputer.com
Financially motivated threat actors misusing App Installer - Since mid-November 2023, Microsoft Threat Intelligence has observed threat actors, including financially motivated actors like Storm-0569, Storm-1113, Sangria Tempest, and Storm-1674, utilizing the ms-appinstaller URI scheme to distribute malware. In ...
1 year ago Microsoft.com Black Basta
CISA Warns of Microsoft SharePoint server 0-Day RCE Vulnerability Exploited in Wild - CISA has issued an urgent warning about a critical zero-day remote code execution vulnerability affecting Microsoft SharePoint Server on-premises installations that threat actors are actively exploiting in the wild. The vulnerability, tracked as ...
4 months ago Cybersecuritynews.com CVE-2025-53770
CVE-2025-40148 - In the Linux kernel, the following vulnerability has been resolved: ...
3 weeks ago
New Microsoft Incident Response guides help security teams analyze suspicious activity - Today Microsoft Incident Response are proud to introduce two one-page guides to help security teams investigate suspicious activity in Microsoft 365 and Microsoft Entra. These guides contain the artifacts that Microsoft Incident Response hunts for ...
1 year ago Microsoft.com
CVE-2015-0085 - Use-after-free vulnerability in Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Office 2013 Gold and SP1, Word 2013 Gold and SP1, Office 2013 RT Gold ...
7 years ago
Data regulator fines HelloFresh £140k for sending 80M+ spams The Register - Food delivery company HelloFresh is nursing a £140,000 fine by Britain's data privacy watchdog after a probe found it had dispatched upwards of a staggering 79 million spam email and one million texts in just seven months. The meal-kit company ...
1 year ago Go.theregister.com
4500+ WordPress Sites Hacked with a Monero Cryptojacking Campaign - Security researchers recently reported the discovery of a massive Monero hacking campaign targeted at WordPress sites. According to reports, more than 4500 WordPress sites were compromised with a malicious cryptocurrency-mining campaign. The hackers ...
2 years ago Thehackernews.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)