CISA Analyzes ToolShell Malware Targeting SharePoint Servers

Trending News

Trump Administration Issues AI Action Plan and AI Executive Orders

Winning the Race: America’s AI Action Plan

Innovation Over Regulation – Trump Unveils America’s AI Action Plan

Caught in the Act: Practical and Legal Considerations When Executives’ Office Love Affair Exposed

Florida’s CHOICE Act Becomes Law, Enhancing Certain Non-Compete Agreements

Labor Secretary Lifts Abeyance on OFCCP Disability and Veteran Matters

In Case You Missed It: DOL Prohibited From Collecting Liquidated Damages in Wage & Hour Pre-Litigation Investigations

SEC’s New Concept Release on Foreign Private Issuer Standards

What Regulated Businesses Should Know About the Supreme Court’s Recent NEPA Decision

NEW ATDS BATTLEGROUND: Texas Passes HUGE NEW AMENDMENT to Its State Telemarketing Law Reviving The Risk of Autodialer Cases

Linn F. Freedman

Email

401-709-3353

Bio and Articles

Find Your Next Job !

Specialist: Legal Information Center Research

Associate Litigation Attorney

Experienced Family Law Attorney

Explore More Job Openings

CISA Releases Malware Analysis Report for Microsoft SharePoint Vulnerabilities

by: Linn F. Freedman of Robinson & Cole LLP - Data Privacy + Security Insider

Friday, August 8, 2025

Print Mail Download info_icon_img

info_icon_img

Threat actors continue to exploit ToolShell to gain unauthorized access to on-premises SharePoint servers. On August 6, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) released a malware analysis report after analyzing six files “including two Dynamic Link-Library (.DLL), one cryptographic key stealer, and three web shells. Cyber threat actors could leverage this malware to steal cryptographic keys and execute a Base64-encoded PowerShell command to fingerprint host system and exfiltrate data.”

The report includes the indicators of compromise and detection signatures to identify malware samples. The report also includes an analysis of YARA Rules, Sigma Rules, ssdeep matches, screenshots, PE Metadata, PE Sections, Packers/Compilers/Cyrptors, Tags and Details.

If your organization has been, or is potentially affected by ToolShell, take advantage of CISA’s analysis and use it to mitigate any potential effect on your company.

Current Public Notices

Post Your Public Notice Today!

PUBLIC NOTICE OF UCC ARTICLE 9 SALE: LCP Hollywood Lender LLC

Published: 8 August, 2025

PUBLIC NOTICE OF UCC ARTICLE 9 SALE: Selux Diagnostics,Inc

Published: 8 August, 2025

PUBLIC NOTICE OF SALE OF ASSESTS: GEE HEAVY MACHINERY LLC

Published: 30 July, 2025

PUBLIC NOTICE OF ASSET SALE: CleanBay Renewables, Inc, and Its Several Subsidiaries

Published: 29 July, 2025

PUBLIC NOTICE OF AUCTION OF ASSETS: Confidential Women’s Resort Wear Company

Published: 28 July, 2025

PUBLIC NOTICE OF RECEIVERSHIP SALE: ENTEGRA CAPITAL LLC AND EC MASTER TRUST

Published: 23 July, 2025

PUBLIC NOTICE OF UCC SALE: Harrisburg Hotel LLC

Published: 21 July, 2025

PUBLIC NOTICE OF UCC SALE: GLP 2206 LLC

Published: 18 July, 2025

PUBLIC NOTICE OF UCC SALE: Broad St Ventures Urban Renewal, LLC

Published: 10 July, 2025

PUBLIC NOTICE OF ASSIGNMENT: Common Cents Distributors, LLC

Published: 26 June, 2025

Discover more public notices

Current Legal Analysis

NYC Limits Housing Discrimination Based on Criminal Background: Is ‘Criminal History’ History?

by: John A. Snyder , Diane Krebs

Massachusetts Makarevich: ‘Understandable’ Separation Agreement Language Aids Employer in Unpaid Wages Case

by: Brian E. Lewis , Eve R. Keller

Breastfeeding at Work Redefined: Puerto Rico’s New Code Ushers in Major Changes

by: Sara E. Colón-Acevedo , Karina Rodríguez

Civil Rights Enforcement following Columbia’s Settlement with the White House

by: Amy Fabiano , Brigid Harrington

Court Rules Pension Fund’s Position Was Not ‘So Baseless’ as to Mandate an Award of Attorneys’ Fees

by: Robert R. Perry

More from Robinson & Cole LLP

Privacy Tip #454 – Students Sue Kansas School District Over AI Surveillance Tool

by: Linn F. Freedman

Illinois Bans AI Therapy, Preserves Human Oversight in Care

by: Linn F. Freedman

New Updates to CCPA Regulations: California’s Focus on Automated Decisionmaking Technology, Cybersecurity Audits, Risk Assessments, and More

by: Roma Patel , Linn F. Freedman

Federal Jury Finds Against Meta for Collecting Data from Flo Health

by: Linn F. Freedman

CISA + Partners Release Advisory on Scattered Spider

by: Linn F. Freedman

Accurate Append, Inc. to Pay $55,000 Fine for Failure to Register under the California Delete Act

by: Kathryn M. Rattigan

Privacy Tip #453 – Proton Launches Encrypted AI Assistant

by: Linn F. Freedman

NIST Updates Controls on Secure + Reliable Patches

by: Linn F. Freedman

The Future of the CFPB Open Banking Rule Remains…Open

HHS Publishes 340B Guidance Proposing Rebate Pilot Program

by: Yelena (Lena) Greenberg

What a 1988 Statute Signals in the New England Patriots’ Privacy Class Action Settlement

by: Kathryn M. Rattigan

Kentucky AG Sues Temu for “Stealing Kentuckians’ Data”

by: Linn F. Freedman

White House Releases AI Action Plan

by: Linn F. Freedman

Upcoming Events

Aug

21

2025

Crash Course: How to Acquire and Resuscitate Distressed Companies

Sep

15

2025

US General Counsel Summit

Sep

15

2025

Chief Litigation Officer Summit

Aug

13

2025

TSCA 30/30 - August 13, 2025

Print