Critical Zero-Day Vulnerability Detected in Microsoft SharePoint

Microsoft has confirmed a critical zero-day vulnerability in SharePoint Server, tracked as CVE-2023-29357, which is currently being exploited in the wild. This spoofing vulnerability allows attackers to escalate privileges and impersonate privileged users—gaining unauthorized access to sensitive systems and data.

This issue impacts multiple versions of Microsoft SharePoint Server, making it a significant risk for enterprises relying on SharePoint for collaboration, document management, and workflow automation.

What Is CVE-2023-29357?

• Type: Spoofing vulnerability leading to privilege escalation

• Severity: Critical (CVSS Score: 9.8)

• Exploit Status: Active exploitation observed

• Impact: Unauthorized administrator-level access without credentials

• Cause: Improper validation of JSON Web Tokens (JWTs)

Who Is at Risk?

Organizations running unpatched or outdated versions of Microsoft SharePoint Server—especially self-hosted or hybrid environments—are vulnerable to this exploit. Attackers can bypass authentication mechanisms, gain elevated access, and potentially move laterally within an organization’s network.

What Are the Recommendations?

Barracuda, a renowned cybersecurity solution provider recommends the following immediate actions to mitigate this threat:

1. Apply Emergency Microsoft Updates

• For SharePoint Server 2019:

  • KB5002754 (Core)

  • KB5002753 (Language Pack)

• For SharePoint Enterprise Server 2016:

  • KB5002760 (Core)

  • KB5002759 (Language Pack)

• For SharePoint Subscription Edition:

  • KB5002768

2. Rotate SharePoint Machine Keys After Applying Patches

• Using PowerShell:

  • Generate keys:
    Set-SPMachineKey -WebApplication <SPWebApplicationPipeBind>

  • Deploy keys:
    Update-SPMachineKey -WebApplication <SPWebApplicationPipeBind>

• Using Central Admin:

  • Go to Central Administration > Monitoring > Review job definitions

  • Locate Machine Key Rotation Job and select Run Now

  • After completion, run iisreset.exe on all SharePoint servers

3. Check for Signs of Exploitation

• Look for:

  • The creation of:
    C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\TEMPLATE\LAYOUTS\spinstall0.aspx

  • IIS logs showing POST requests to:
    _layouts/15/ToolPane.aspx?DisplayMode=Edit&a=/ToolPane.aspx
    with HTTP referrer _layouts/SignOut.aspx

• Run the following Microsoft 365 Defender query:

kusto

DeviceFileEvents
| where FolderPath has "MICROS~1\\WEBSER~1\\16\\TEMPLATE\\LAYOUTS"
| where FileName =~ "spinstall0.aspx" or FileName has "spinstall0"
| project Timestamp, DeviceName, InitiatingProcessFileName, InitiatingProcessCommandLine, FileName, FolderPath, ReportId, ActionType, SHA256
| order by Timestamp desc

4. Reduce External Exposure and Monitor Activity

• Restrict internet exposure of SharePoint servers using:

  • Firewalls

  • VPNs

  • Zero-trust access controls

• Enable detailed SharePoint logging

• Monitor for:

  • Unusual file uploads or web shell activity

  • Unexpected changes or connections from suspicious IPs

5. Isolate Critical Infrastructure

• Separate SharePoint servers from critical internal systems to reduce the impact of a breach

• Reinforce patch management processes and employee awareness of vulnerabilities

How ITCS and Barracuda Can Help

As a certified Barracuda partner, ITCS helps organizations respond quickly and effectively to zero-day threats through:

• Advanced threat protection and monitoring

• Automated patch management and vulnerability scanning

• Secure SharePoint backup and cloud continuity solutions

• Strategic threat response planning and training

Our team is ready to assess your SharePoint environment and implement Barracuda-powered mitigation strategies tailored to your organization’s needs.

Take Action Now

This zero-day vulnerability presents a serious risk. ITCS is here to help you:

• Assess your exposure

• Apply the right patches

• Secure your SharePoint environment against future threats

Contact us today for a free consultation or emergency assessment.

Visit: www.itcs.com.pk
Email: info@itcs.com.pk

Emerging Trends in Tech: How AI, IoT, and Blockchain Are Shaping Our Future

The world of technology is evolving rapidly, and three transformative innovations — Artificial Intelligence (AI), the Internet of Things (IoT), and Blockchain Technology — are redefining how we live, work, and do business. From predictive automation to intelligent data management, these trends are fueling digital transformation across sectors.

At the heart of this transformation are IT solution providers like ITCS, a Microsoft Tier 1 CSP Direct Partner, helping over 300 SMEs and enterprises unlock the true potential of modern technology through cloud infrastructure, cybersecurity, and scalable software services.

Let’s explore how AI, IoT, and Blockchain are reshaping the digital world — and how ITCS delivers the tools and expertise to help businesses stay ahead.

Artificial Intelligence: Powering a Smarter Tomorrow

From self-driving cars to AI-driven chatbots, Artificial Intelligence is revolutionizing how decisions are made, products are delivered, and experiences are personalized.

AI applications are now deeply embedded across industries:

• In the modern workplace, Microsoft 365 Copilot uses AI to streamline workflows, generate content, and automate repetitive tasks — all integrated with the Microsoft Modern Work suite offered by ITCS.

• In cybersecurity, AI-enabled platforms such as Sophos Intercept X, Rapid7 Insight, and Kaspersky Endpoint Security proactively detect and respond to threats before they cause harm — all available in ITCS’s product portfolio.

As organizations increasingly rely on data to drive operations, AI serves as the analytical backbone — and with ITCS providing Microsoft Azure Cloud solutions, businesses can deploy, scale, and manage AI workloads securely and efficiently.

Internet of Things: Interconnecting Devices for Greater Efficiency

The Internet of Things (IoT) is creating smart environments by connecting everyday devices to the internet — enabling automation, monitoring, and real-time control.

From smart homes to smart cities and industrial automation, IoT is transforming entire ecosystems:

• In enterprise IT, IoT-ready infrastructure from Huawei, Lenovo, Dell, and HPE enables seamless integration of devices and data.

• In network management, tools like SolarWinds, Ruckus, and Ruijie help monitor and optimize performance across large-scale connected environments.

At ITCS, we help businesses implement and manage IoT-ready infrastructure with end-to-end solutions — from device deployment to security management — ensuring reliable and scalable outcomes.

Blockchain Technology: Securing the Future of Trust

Often associated with cryptocurrency, Blockchain is a game-changing ledger technology that offers secure, transparent, and tamper-proof transactions. But its applications go far beyond finance.

• In supply chain management, blockchain helps track goods from origin to delivery, reducing fraud and increasing transparency.

• In cloud security, integrations with Microsoft Azure Confidential Ledger and secure tools like Fortinet, Acunetix, and Burp Suite ensure immutable data storage and zero-trust environments.

ITCS enables businesses to build secure digital ecosystems by combining blockchain-enabled cloud architecture with enterprise-grade cybersecurity solutions — making data integrity and compliance easier to achieve than ever.

The Convergence of AI, IoT, and Blockchain: Real-World Impact

The true power of these technologies is realized when they converge. For example:

• A smart factory uses IoT sensors to track machine performance, AI to predict failures, and blockchain to log every maintenance event — creating a closed-loop system of intelligence and trust.

• In healthcare, AI algorithms diagnose conditions faster, IoT medical devices monitor patient vitals in real time, and blockchain secures patient records for tamper-free data exchange.

ITCS helps enterprises bring this vision to life. Our broad portfolio includes tools from Microsoft, VMWare, AutoCAD, Zoom, and Adobe, empowering every department — from IT and operations to marketing and development — to participate in the future of innovation.

Why ITCS?

As a trusted IT consulting and services provider, ITCS offers:

• Microsoft Modern Work and Azure Cloud solutions for seamless digital transformation

• A wide array of IT products from top brands, including Barracuda, Veeam, PRTG, Plesk, Nessus Professional, and many others

• Competitive pricing, local support, and expert guidance for product acquisition, licensing, renewals, and deployment

Final Thoughts

As we move into an increasingly interconnected and intelligent future, embracing emerging technologies like AI, IoT, and Blockchain isn’t just innovative — it’s essential. Whether you’re a startup or a large enterprise, the right partners and tools will define your success.

🔍 Need expert guidance on deploying next-gen tech in your business?

Contact ITCS today to explore future-ready IT solutions backed by top-tier support and a portfolio of world-class technology providers.

Are you looking to optimize cloud costs and performance? Learn how to automatically resize your Azure Virtual Machines (VMs) using Azure Automation Accounts.

Managing cloud resources efficiently is key to optimizing performance and controlling costs. In this guide, you’ll learn how to automate Azure VM resizing using Azure Automation Accounts and Runbooks. Whether you’re scaling up for high-traffic hours or scaling down after hours, this tutorial shows you how to schedule automatic virtual machine size changes based on your business needs — no manual intervention required.

Step 1:

Go to Azure portal and search for Automation Accounts.

Step 2:

Click on Create Automation Account.

Step 3:

Enter the detail and click on Review + Create.

Step 4:

Verify detail and click on Create and wait for the deployment to be complete.

Step 5:

Once deployment is complete, Click on Go to Resource.

Step 6:

Search Identity and copy Object ID.

Step 7:

Go to the Resource Group of VM you want to Automatically Resize.

Access Control (IAM) -> Add Role Assignment

Step 8:

On the Job function roles, select Virtual Machine Contributor.

Step 9:

Go to the members tab and select Managed Identity then select Review + Assign.

Step 10:

Now go back to Automation Account which was created earlier. Then Go to Runbooks and Create a runbook.

Step 11:

Fill the details and click review and create.

Step 12:

Enter the following command in the Runbook by entering your VM’s Resource Group, VM Name, New VM Size and then click Publish.

param (

    [string]$ResourceGroupName = "VM Resource Group",

    [string]$VMName = "VM Name",

    [string]$NewVMSize = "New VM Size"

)

# Login to Azure

Connect-AzAccount -identity

# Stop the VM

Stop-AzVM -ResourceGroupName $ResourceGroupName -Name $VMName -Force

# Update VM size

$vm = Get-AzVM -ResourceGroupName $ResourceGroupName -Name $VMName

$vm.HardwareProfile.VmSize = $NewVMSize

Update-AzVM -ResourceGroupName $ResourceGroupName -VM $vm

# Start the VM

Start-AzVM -ResourceGroupName $ResourceGroupName -Name $VMName

Write-Output "VM $VMName resized to $NewVMSize"

Step 13:

Schedule VM to resize automatically.

Go to Schedules then Add a Schedule then link Runbook with your schedule.

Note: You can create multiple runbooks within the same Automation Account by following the same steps and schedule them as needed. For example, you might want your VM to run with 16 GB RAM in the morning and 4 GB RAM at night.

Please be aware that the virtual machine will reboot to apply the size changes according to the defined schedules.

Conclusion

Automating your Azure Virtual Machine resizing with Automation Accounts and Runbooks is a smart way to optimize performance, reduce costs, and streamline resource management. With just a few steps, you can take full control over your VM scaling strategy and align your cloud infrastructure with your business needs.

Need expert help implementing Azure automation or scaling your cloud infrastructure?
Partner with ITCS—your trusted technology partner for secure, scalable, and cost-efficient IT solutions in Pakistan.

📩 Contact us today to discuss how we can support your digital transformation goals.

Artificial intelligence (AI) has officially entered the mainstream. According to a recent Deloitte report, 78% of companies plan to increase their AI investments in 2025, with 74% reporting that their generative AI (GenAI) projects have met or exceeded expectations.

But as AI becomes more accessible, so does its potential for misuse. While businesses benefit from smarter tools and faster processes, malicious actors are also leveraging large language models (LLMs) to launch sophisticated cyberattacks. These “dark LLMs” are pushing the boundaries of what’s possible — in all the wrong ways.

What Are Dark LLMs?

Dark LLMs are large language models with their safety guardrails removed or deliberately disabled. Built on powerful open-source platforms, these models are trained like their legitimate counterparts — using enormous datasets to understand and generate human-like language. But instead of helping businesses or individuals solve problems, they’re designed for harm.

Guardrails in mainstream LLMs (like OpenAI’s ChatGPT or Google’s Bard) are there to prevent harmful outputs. They typically block prompts that ask for illegal advice, malicious code, or dangerous misinformation. However, with the right “jailbreak” commands or custom training, these models can be manipulated — or created from scratch — to deliver exactly what attackers want.

Dark LLMs don’t just bypass safeguards. They are the safeguard-free versions.

Meet the Malicious Models

The dark web and encrypted platforms are now home to several widely used dark LLMs. Here’s a look at some of the most notorious:

• WormGPT: A powerful model with 6 billion parameters, WormGPT is sold behind a paywall on the dark web. It’s frequently used to generate highly convincing phishing emails and business email compromise (BEC) attacks.

• FraudGPT: A cousin of WormGPT, this LLM can write malicious code, build fake websites, and discover system vulnerabilities. It’s available on both the dark web and platforms like Telegram.

• DarkBard: A malicious clone of Google’s Bard. It mimics Bard’s functionalities, but with zero ethical restraints.

• WolfGPT: A newer entrant, WolfGPT is written in Python and advertised as an “uncensored” version of ChatGPT.

These dark LLMs are often sold as subscriptions or as-a-service offerings, giving hackers access to on-demand AI capable of launching large-scale, personalized attacks.

Why Should Businesses Be Concerned?

Dark LLMs give cybercriminals a serious upgrade. They:

• Write malware or exploit code faster and more effectively

• Generate realistic phishing emails that are nearly impossible to detect

• Help attackers identify weak points in enterprise infrastructure

In other words, they automate malicious creativity — at scale.

Worse, even standard LLMs can be turned “dark” using advanced jailbreak prompts. This means that nefarious capabilities are only a few steps away, even for someone using a publicly accessible tool.

Mitigating the Risks of Dark LLMs

Yes, dark LLMs are dangerous — but they’re not infallible. Their capabilities still depend on human input and direction. And like all AI, they make mistakes. Even mainstream LLMs have shown quirks when applied in the real world, such as generating fake book titles or failing at fast food orders (like accidentally adding 260 chicken nuggets).

The good news? Strong cybersecurity hygiene still works. Here’s how companies can defend themselves:

1. Empower Your People

Even the most sophisticated AI-powered phishing attempt still requires one thing: a click. That’s where human training comes in.

• Run regular phishing simulations

• Teach employees how to spot social engineering red flags

• Foster a “see something, say something” culture

Humans are still your first and strongest line of defense.

2. Focus on the Fundamentals

Go back to cybersecurity basics:

• Strong password policies

• Multi-factor authentication

• Zero trust architectures

• Encryption protocols

These best practices are just as effective against LLM-enabled threats as traditional ones.

3. Use AI Against AI

Don’t just defend — fight fire with fire. AI-powered security platforms can detect anomalies faster than human teams alone.

• Use machine learning models to identify unusual traffic

• Invest in real-time threat detection and response tools

• Regularly update systems and patch vulnerabilities

AI may be the weapon of choice for cybercriminals, but it can also be the shield for defenders.

Final Thoughts

The rise of dark LLMs shows the double-edged nature of generative AI. For every advancement in productivity or creativity, there’s an equal opportunity for exploitation.

But dark LLMs don’t have to win. With a combination of strong human oversight, foundational security protocols, and next-gen detection tools, businesses can stay a step ahead of cybercriminals — and shine a light into the darkest corners of AI misuse.

Want to stay ahead in the AI security game?
Subscribe or contact us for more insights, best practices, and expert takes on emerging tech threats.

AI Automation Is Changing B2B – Here’s How

B2B companies today want to move faster, save money, and work smarter. One of the biggest ways they’re doing this? AI-powered automation. This technology helps businesses handle tasks automatically using artificial intelligence, making work easier and more efficient.

What Is AI-Powered Automation?

AI-powered automation uses smart technology to do tasks that humans usually do—like sorting data, replying to emails, or sending invoices. It can also analyze patterns and help businesses make better decisions.

Why Is It So Popular Right Now?

In 2025, more and more B2B companies are using AI because:

• Teams are working remotely

• Customers want faster responses

• Businesses need to use data better

• There’s a shortage of skilled workers

Top Benefits for B2B Businesses

Saves Time and Effort

AI handles repetitive tasks—like updating spreadsheets or processing orders—so your team can focus on bigger things.

Faster and Smarter Decisions

AI tools can predict trends, recommend actions, and help make better business choices.

Better Customer Service

With AI chatbots and email automation, customers get answers faster and more personalized help.

Cuts Costs

Fewer manual tasks = less labor needed and fewer errors.

Where B2B Companies Are Using It

• Supply Chain: Predicts product demand, plans deliveries.

• Sales & Marketing: Sends emails, scores leads, writes content.

• Finance: Automates invoices and catches fraud.

Popular AI Tools in 2025

Things to Watch Out For

AI is powerful, but there are challenges:

• Keeping data safe

• Cost of getting started

• Helping teams adapt to change

• Teaching employees how to use it

Final Thoughts

AI-powered automation is here to stay. For B2B businesses, it’s not just helpful—it’s becoming necessary. If you want to stay ahead, now’s the time to start using smart tools that save time, improve service, and boost profits.

Get in touch with our AI experts today to learn more!