惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

宝玉的分享
宝玉的分享
Recent Commits to openclaw:main
Recent Commits to openclaw:main
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
T
Tailwind CSS Blog
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
罗磊的独立博客
V
Visual Studio Blog
爱范儿
爱范儿
H
Help Net Security
J
Java Code Geeks
I
InfoQ
Recent Announcements
Recent Announcements
H
Hackread – Cybersecurity News, Data Breaches, AI and More
Recorded Future
Recorded Future
Jina AI
Jina AI
Microsoft Security Blog
Microsoft Security Blog
WordPress大学
WordPress大学
GbyAI
GbyAI
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
Y
Y Combinator Blog
Google DeepMind News
Google DeepMind News
Scott Helme
Scott Helme
S
SegmentFault 最新的问题
S
Securelist
L
LINUX DO - 热门话题
Cyberwarzone
Cyberwarzone
C
Cisco Blogs
Simon Willison's Weblog
Simon Willison's Weblog
G
Google Developers Blog
酷 壳 – CoolShell
酷 壳 – CoolShell
博客园 - 叶小钗
T
The Blog of Author Tim Ferriss
博客园_首页
B
Blog
F
Fortinet All Blogs
AWS News Blog
AWS News Blog
V
Vulnerabilities – Threatpost
S
Secure Thoughts
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
Forbes - Security
Forbes - Security
S
Security @ Cisco Blogs
T
Threat Research - Cisco Blogs
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
S
Schneier on Security
Project Zero
Project Zero
Martin Fowler
Martin Fowler
C
Cybersecurity and Infrastructure Security Agency CISA
N
Netflix TechBlog - Medium
N
News and Events Feed by Topic

NetBird - Networking Knowledge Hub - RSS Feed

NetBird Is Now on the Vultr Marketplace Native NetBird on the GL.iNet Comet Pro (GL-RM10) NetBird v0.71 - IPv6 Overlay Addressing NetBird Exit Nodes - Appear at Home, or Anywhere Else Reporting Bugs and Requesting Features in NetBird Setup and Use Local AdGuard Home Anywhere with NetBird DNS How to Set Up NetBird on PiKVM for Secure Remote KVM Access NetBird v0.69 - CrowdSec IP Reputation for the Reverse Proxy Cloudflare Mesh vs NetBird vs Tailscale: Performance Compared Self-Hosting Nextcloud with Docker and NetBird Implementing Zero Trust with NetBird NetBird v0.67 - Layer 4 Proxy Support for TCP, UDP, and TLS Solwr Enhances Remote Connectivity with NetBird Self-Hosting NetBird with Authentik Jellyfin Media Server - Self-Host Your Movies, TV, and Music Cloudflare Tunnels vs. NetBird Reverse Proxy INFITX Builds Zero-Touch Kubernetes Networking with NetBird NetBird v0.66 - Expose Local Services to the Internet from the CLI Pangolin vs. NetBird Home Assistant Setup Guide with EASY Remote Access NetBird v0.65 - Built-in Reverse Proxy with Custom Domains Docker for Beginners - Everything You Need to Get Started NetBird for SOC 2 Compliance NetBird v0.63 - Custom DNS Zones for Private Network Resolution Vibecode This in a Weekend and Take 5% of the Company NetBird v0.62 - Built-in Local Users with Optional IdP Integration NetBird v0.61.0 - Granular SSH Access Control and Automatic Updates Top 5 Alternatives to OpenVPN Top 5 Open Source Alternatives to Tailscale Top 5 Alternatives to ZeroTier How to Set Up ZeroByte and REST Server for Backups with NetBird How to Install n8n v2.0 with NPM and PM2 ZeroTier vs. NetBird The Ultimate Immich Guide - Ditch Google and Amazon Photos for Good NetBird as Your Help with ISO 27001 Compliance NetBird and Huntress - Secure Network Access for MSPs How to Access Windows Shares from Anywhere with NetBird netgo Relies on Modern ZTNA with NetBird Connect to Your Homelab from Anywhere with a Raspberry Pi NetBird SSH - A New, Identity-Aware Approach The AI Mega Mesh: How to Connect 30+ GPU Cloud Providers Connect Multiple Ollama GPUs to OpenWebUI with NetBird Top 5 Tailscale Alternatives SSH and RDP, now in your browser NetBird–Acronis Integration: Empowering MSPs for Advanced Ransomware and Threat Defense Introducing the Control Center - Remote Access, Beautifully Visualized NetBird at MSP Global 2025 Understanding Overlay Networks - The Basics NetBird and SentinelOne Singularity™ - Automate Threat Response NetBird and Microsoft Intune - Enforcing Device Compliance for Zero Trust Rethinking Zero Trust Security with NetBird and pfSense Improving Unidirectional Access Control Proxmox VE for Beginners Guide with NetBird LXC Stronger Security: NetBird + GitHub Secure Open Source Fund NetBird's MSP Partner Program Signicat Enhances Cross-Cloud Accessibility with NetBird SonicWall SSL VPN NetExtender vs. NetBird NetBird Is Embracing the AGPLv3 License NetBird Profiles Have Landed - Manage Multiple Accounts Effortlessly Sport Alliance Increases Efficiency with Zero Trust Networking at Scale Rethinking Network Access: qwertiko Goes Zero Trust with NetBird Optimizing Network Efficiency with NetBird's Lazy Connections Use Port Ranges in Access Control Policies Generic HTTP Endpoint for Network Events Streaming NetBird’s Response to Spear-Phishing Campaign Targeting Financial Executives Zero-Trust Access to Internal Resources Without Installing Agents Enhance Network Visibility with NetBird’s Traffic Events Logging TrueNAS Made Easy - Install, Set Up, and Access From Anywhere Top 5 Alternatives for WireGuard Jump Hosts. Gateways for Remote Access NetBird Network Routes and Exit Nodes Security for All - SSO and MFA for Free Enhancing Network Access Control with NetBird's Identity Provider Feature Twingate vs. NetBird Limit Network Access Based on Running Applications FortiClient ZTNA vs. NetBird OpenVPN vs. NetBird Tailscale vs. NetBird Getting Started with an Azure Site-to-Site VPN Getting Started with an On-premise-to-AWS Site-to-Site VPN Secure Remote Access to VPCs, LANs, and Offices regreSSHion - A New OpenSSH Server Remote Code Execution Vulnerability Evolve Bank & Trust Data Breach. What Happened? What Is a Site-to-Site VPN? IPSec Tunneling Demystified. Enhancing Data Security Across Networks Understanding IPSec Tunnel and Transport Modes Understanding the Differences Between IKEv1 and IKEv2 Understanding the IKEv1 Protocol in IPSec ZeroTier versus NetBird - Which Should You Choose? AWS Lambda Serverless Security. Mistakes, Oversights, and Potential Vulnerabilities Using NetBird for Kubernetes Access Serverless Security Vulnerabilities and Best Practices to Mitigate Them Security Best Practices for Serverless Azure Functions A Guide to Remote Access Security for SMEs IoT Security Essentials. How to Achieve Secure Remote Access Open Source Zero Trust Networking Using SSH for Secure Remote Access How We Integrated Rosenpass in NetBird The First Quantum-Resistant Mesh VPN Using eBPF and XDP to Share Default DNS Port Between Multiple Resolvers
Rethinking Access Control to Secure Your On-Premises SharePoint Servers
Written byNaren Vaideeswaran · 2025-07-23 · via NetBird - Networking Knowledge Hub - RSS Feed

Microsoft recently published a critical security advisory on 2 vulnerabilities, CVE-2025-53770 and CVE-2025-53771, affecting on-premises Sharepoint servers. Though Microsoft has now made security updates available for these vulnerabilities (referred to as ToolShell exploit), this was labeled as a critical 9.8 CVSS zero day vulnerability. If your organization has Microsoft SharePoint Server 2019 or Microsoft SharePoint Server 2016 that’s exposed to the internet, make sure these have the latest security updates from Microsoft.

But, security for your organization cannot be this reactive. Several large organizations, US government agencies and critical infrastructure providers were affected by this vulnerability, despite having strong perimeter defenses like firewalls, IDS and IPS systems.

What Really Happened?

The ToolShell attack was a strategic execution that proved that traditional perimeter security is no longer effective against the modern adversary. The vulnerability was possible because the SharePoint server was exposed, and easily accessible from the internet. The adversary exploited the CVE-2025-53771 vulnerability, bypassing authentication by sending a specially crafted request that was trusted by the exposed SharePoint servers. Of course, this was seen as a legitimate request and the perimeter firewall let it pass, opening the front doors to the adversary.

Once the adversary got the foothold into the server, they exploited a critical remote code execution flaw (CVE-2025-53770) to run commands and made the server execute the malicious payload that was disguised as normal application data. Finally, the adversaries used remote access to grab the server’s cryptographic machineKey; the ValidationKey and DecryptionKey, eventually giving them persistent, authenticated access to the machines.

Impacted on-prem SharePoint versions:

  • SharePoint Server Subscription Edition
  • SharePoint Server 2019
  • SharePoint Server 2016

Microsoft recommends patching these servers and also highlights that their cloud-hosted Microsoft 365 SharePoints are unaffected by this breach.

Defending Against These Vulnerabilities: Make Your Sharepoint Servers Invisible to Adversaries

Instead of the traditional castle-and-moat strategy for protecting your SharePoint servers, you must shift to a strategy that makes the servers invisible to adversaries. Moving from traditional perimeter-based defenses to secure overlay networks built on the foundational principles of Zero Trust should be your go to strategy that will empower you to enable proactive security.

Secure On-Premises Sharepoint Servers With Netbird Networks

NetBird, built on the industry-proven, high-performance WireGuard® protocol creates radically simple and secure overlay networks. Simply install the super-lightweight NetBird agent on your users’ devices - be it on Windows/Mac laptops, workstations or mobile devices (iOS and Android) or even Docker containers.

Further, in your environment, if you cannot or do not wish to install an agent—such as SharePoint servers, managed database services (e.g., AWS RDS), printers, legacy servers, or sensitive IoT devices, NetBird Networks feature provides a powerful, secure and super-simple remote access. With NetBird Networks simply deploy one or more NetBird agents as ' routing peers ' inside your private network segments (like an AWS VPC or an on-premise LAN). NetBird ensures robust connectivity with built in high availability . You get the flexibility to install multiple routing peers to avoid a single point of failure.

Secure SharePoint Servers with NetBird Networks

NetBird establishes encrypted tunnels between your user devices and routing peers without a need for open ports, effectively ‘cloaking’ your SharePoint servers from the public internet. This means that your SharePoint servers will no longer have their public IPs exposed, to be scanned, probed or exploited by adversaries. Your SharePoint server is accessible only to other authenticated and authorized peers and users within the private NetBird network. With this simple architectural change, you eliminate the external threat surface that adversaries rely on for initial reconnaissance and exploitation. The adversary simply cannot attack what they cannot see.

Remove Entry Points Into the Network by Eliminating Open Firewall Ports

NetBird Networks gives you the confidence to close inbound ports on your firewalls. This unique feature of NetBird doesn't require open ports in the firewall, enabling you to establish connections even when all inbound ports are closed. When your users access SharePoint, their devices establish a direct, encrypted tunnel to the server, completely eliminating the risk of ToolShell attacks. Since NetBird is built from the ground up on the core principles of Zero Trust, you will now move from the ‘allow by default’ on your firewalls to ‘deny by default’, only allowing access tied to identities and the principle of least privileges.

MethodologyPerimeter SecurityNetBird Zero Trust
Access PostureAllow by default (loved by adversaries!)Deny by default
Trust PostureIP addressesIdentity and context (user + device). Secure by default
ExposureVisible to adversaries (exposed critical apps/servers)Cloaked (invisible to the public internet)
Access ControlPort-levelGranular: Restrict access to specific servers/services/apps for specific users, user groups, based on identity, context and device posture

Conclusion

The ToolShell exploit on on-premises SharePoint servers is a clear message that exposes the flaws of traditional perimeter-based infrastructure. We strongly advise you to patch your SharePoint servers immediately, following Microsoft’s security guidance. No organization can afford to continue this highly reactive and disruptive security path. By adopting NetBird’s Zero Trust overlay networks, you can decisively shift to a proactive security posture, making your critical infrastructure invisible to attackers.

“NetBird has fundamentally transformed our network management operations, eliminating outages, simplifying operations, and enabling secure, scalable connectivity through code. What used to be a fragile, error-prone setup is now a robust, policy-driven system that fits the way we structure and secure our infrastructure.” - Sport Alliance