Menu

Filter by
content
PONT Data&Privacy
  • PONT home
    • mill

    0

    Information Security
    Informatiebeveiliging betreft het treffen van maatregelen om de beschikbaarheid, exclusiviteit en integriteit van alle vormen van informatie binnen een organisatie of een maatschappij te waarborgen en de eventuele gevolgen van incidenten te beperken tot een acceptabel, vooraf bepaald niveau.

    U.S. nuclear agency hacked via vulnerability in SharePoint

    Hackers have managed to gain access to the U.S. National Nuclear Security Administration. The government agency designs and maintains the country's nuclear weapons.

    Information Security Netherlands July 28, 2025

    News press release

    News press release

    According to a spokesperson, the intrusion occurred via ToolShell: "The department was minimally affected due to the widespread use of the Microsoft M365 cloud and highly capable cyber security systems. (...) A very small number of systems were affected. All affected systems are being restored." No sensitive or classified data would have been compromised in the process.

    Emergency patches

    At issue are two vulnerabilities in Microsoft SharePoint that converge on ToolShell: CVE-2025-53770 and CVE-2025-53771. Microsoft has urgently made available two emergency patches. Also, the tech company has published detailed additional, mandatory mitigation steps that software administrators should take to protect their installations.

    Governments

    According to Bloomberg, the victims of the attack would include several governments in Europe and the Middle East, as well as the U.S. Department of Education, the Florida Department of Revenue and the Rhode Island General Assembly.

    Click here for Bloomberg's report.

    Share article

    Comments

    MORE REACTIONS

    Leave a comment

    You must be logged in to post a comment.

    NEWS

    Dutch providers targeted by Salt Typhoon

    News press release

    NIS2: risk analysis of own organization helps get a grip on supplier management

    Blog

    Criminal investigation into theft of personal data

    News press release

    Tips on secondary victimization of data theft

    News press release

    How can you mitigate the impact of data theft? Collaborative Melissa has published best practices (advice and measures) for organizations facing them.

    NCSC publishes GitHub checkscripts for Citrix systems

    News press release
    Information Security Netherlands

    The Cybersecurity Act: new legal foundation for digital resilience

    Blog

    Netherlands late with NIS2 implementation: law unlikely to take effect until spring 2026

    News press release

    Nearly one in three ransomware victims hit multiple times

    News press release

    Stricter security requirements for wireless devices starting Aug. 1, 2025

    News press release
    State Digital Infrastructure Inspection

    KENNISPARTNER

    Robert van Vianen

    Contact

    Data breaches: preparing, recognizing and responding

    During this course, the current state of affairs regarding the mandatory data breach notification will be covered. What exactly qualifies a data breach and what legal obligations apply with respect to a data breach? The additional obligations that follow from the policy rules of the regulators and the practice around reporting a data breach to the Personal Data Authority will also be discussed. In addition, other relevant factors, such as reporting, how to speak to the press and the options for preparing for a data breach will be discussed in detail during this course.

    Learn more

    Join PONT | Data & Privacy

  • Access to Knowledge Base
  • Read e-books
  • Contact with peers
  • Own news overview
    • BECOME A MEMBER

    General

    Service

    Navigate

    Berghauser Pont Media Group

    CONTACT

    𝕏

    Copyright 2025 Berghauser Pont | Website created by Buro Zero