<h1>Lessons from the zero-day attack on Microsoft SharePoint</h1>

<p class="post-meta">Published 23 July 2025 (last updated 21 August 2025) by bhinfanger in the categories <a href="https://inferassessoria.com.br/en/category/juridico/">Jurídico</a> and <a href="https://inferassessoria.com.br/en/category/lgpd/">LGPD</a>. Original post (Portuguese): <a href="https://inferassessoria.com.br/en/licoes-sobre-o-ataque-zero-day-ao-microsoft-sharepoint/">https://inferassessoria.com.br/en/licoes-sobre-o-ataque-zero-day-ao-microsoft-sharepoint/</a></p>

<p class="wp-block-paragraph"><em>Summary: in the current environment even technology giants are exposed to sophisticated cyber attacks. A few days ago Microsoft disclosed a digital-espionage campaign that exploited a "zero-day" vulnerability in its SharePoint server software, affecting hundreds of organizations worldwide and reinforcing the need for robust legal and technical measures, which we examine below.</em></p>

<p class="wp-block-paragraph">On 21 July 2025, researchers at Eye Security, working with the Shadowserver Foundation, identified "active attacks" against <strong>self-hosted</strong> (on-premises) instances of Microsoft SharePoint Server. The flaw allowed attackers to deploy backdoors, giving them persistent access to sensitive corporate data. By that weekend roughly 100 organizations, mostly in the United States and Germany and including government bodies, had already been compromised.</p>

<p class="wp-block-paragraph"><strong>Key points of the incident</strong></p>

<ul class="wp-block-list">
<li><strong>Attack vector</strong>: exploitation of a zero-day vulnerability in on-premises SharePoint Server (the cloud-hosted SharePoint Online service was not affected);</li>
<li><strong>Impact</strong>: installation of backdoors and exfiltration of confidential documents;</li>
<li><strong>Microsoft's response</strong>: a security update issued on the same day the alert was published;</li>
<li><strong>Support from authorities</strong>: the FBI and the UK National Cyber Security Centre monitored the incident in cooperation with Microsoft.</li>
</ul>

<p class="wp-block-paragraph">One point deserves emphasis: the update closes the entry point, but it does not remove a backdoor that was planted before the patch was applied. An organization that exposed a vulnerable server to the internet should therefore treat it as potentially compromised, hunt for web shells and unexpected files in the web root, and review access logs covering the exposure window, rather than considering the matter closed once the patch is installed.</p>

<p class="wp-block-paragraph"><strong>But what are the legal and regulatory impacts?</strong></p>

<h3 class="wp-block-heading has-helvetica-neue-font-family"><strong>Administrative liability (LGPD)</strong></h3>

<p class="wp-block-paragraph">The LGPD (Lei 13.709/2018) requires controllers and processors to adopt effective technical and administrative measures to protect personal data against unauthorized access and breaches. In practice:</p>

<ul class="wp-block-list">
<li><strong>DPIA (the LGPD's Relatório de Impacto à Proteção de Dados Pessoais)</strong>: essential for systems that host customer and partner data, such as a SharePoint used for internal collaboration;</li>
<li><strong>Incident notification</strong>: under Article 48 of the LGPD, a security incident that may cause relevant risk or harm to data subjects must be reported to the ANPD and to the affected data subjects. The ANPD's regulation (Resolução CD/ANPD nº 15/2024) sets the deadline at three business days from the moment the controller becomes aware of the incident, not the 72 hours often quoted by analogy with the GDPR. Administrative fines reach 2% of the company's revenue in Brazil in the previous fiscal year, capped at R$ 50 million per infraction.</li>
</ul>

<h3 class="wp-block-heading has-helvetica-neue-font-family"><strong>IT compliance and contractual requirements</strong></h3>

<p class="wp-block-paragraph">Regulated companies (banks, fintechs, healthtechs) must also observe sector rules, such as <strong>Resolução CMN 4.658/2018</strong> on ICT risk management and cyber-security policy (since replaced by Resolução CMN 4.893/2021, which keeps the same obligations), and the governance mechanisms required by regulators such as the Central Bank (Bacen) or Anvisa.</p>

<p class="wp-block-paragraph"><strong>Legal lessons for technology companies</strong></p>

<ol class="wp-block-list">
<li><strong>Vulnerability and patch management</strong>
<ul class="wp-block-list">
<li>Establish automated processes that apply critical patches within 48 hours of release. For a zero-day already being exploited, the 48-hour clock starts only when the vendor publishes the fix, while the exposure started earlier, so combine the patch with the vendor's interim mitigations and with a compromise assessment of every exposed server;</li>
<li>Keep an up-to-date inventory of all on-premises and cloud servers, including which of them are reachable from the internet: that is what lets you answer "are we affected?" within hours rather than days.</li>
</ul>
</li>
<li><strong>Software contracts and security SLAs</strong>
<ul class="wp-block-list">
<li>Include clauses that oblige the vendor to notify you in "real time" of vulnerabilities and security updates;</li>
<li>Define penalties and service levels (SLAs) for the correction of critical flaws.</li>
</ul>
</li>
<li><strong>Incident response plan (IRP)</strong>
<ul class="wp-block-list">
<li>Document containment, eradication and recovery workflows specific to attacks on on-premises IT infrastructure;</li>
<li>Prepare communication templates for the ANPD, sector regulators and stakeholders.</li>
</ul>
</li>
<li><strong>Monitoring and threat intelligence</strong>
<ul class="wp-block-list">
<li>Contract managed detection services to identify network scanning and anomalous behaviour on SharePoint;</li>
<li>Integrate intelligence feeds (for example Shadowserver, CERT.br) into your SIEM.</li>
</ul>
</li>
</ol>

<p class="wp-block-paragraph"><strong>Data governance good practices</strong></p>

<ul class="wp-block-list">
<li><strong>Data mapping</strong>: identify where sensitive documents are stored and who has access to them;</li>
<li><strong>Information classification</strong>: define criticality levels (public, internal, confidential, restricted) and apply matching controls;</li>
<li><strong>Continuous auditing</strong>: schedule semiannual penetration tests and quarterly reviews of access logs and configuration changes.</li>
</ul>

<p class="wp-block-paragraph"><strong>Recommended action plan</strong></p>

<ul class="wp-block-list">
<li><strong>Contractual reinforcement</strong>: renegotiate contracts with IT vendors to include a "right to audit" clause and a security SLA;</li>
<li><strong>Tooling</strong>: adopt EDR/XDR solutions and real-time vulnerability monitoring.</li>
</ul>

<p class="wp-block-paragraph">To conclude, the zero-day attack on Microsoft SharePoint shows that no organization, however large its structure, is free of cyber risk. For technology companies and startups in the operating or maturity phase, the legal, technical and governance tripod is fundamental:</p>

<ol class="wp-block-list">
<li><strong>Legal</strong>: clear contracts and regulatory compliance (LGPD, sector rules).</li>
<li><strong>Technical</strong>: agile vulnerability management, SIEM/XDR and threat intelligence.</li>
<li><strong>Governance</strong>: policies, continuous audits and an organizational culture of security.</li>
</ol>

<p class="wp-block-paragraph">Adopting these practices not only mitigates risk but strengthens the trust of customers, investors and partners, securing the longevity and reputation of your company in the market.</p>