Center for Internet Security, Inc. (CIS)
Expert SLTT Support in Face of the ToolShell Vulnerability
Center for Internet Security, Inc. (CIS) Case Study

Expert SLTT Support in Face of the ToolShell Vulnerability

Expert SLTT Support in Face of the ToolShell Vulnerability

In July 2025, the “ToolShell” zero-day vulnerability in Microsoft SharePoint allowed attackers to bypass authentication, seize control of systems, and disrupt critical operations across government agencies, schools, and local communities. The attacks led to service outages, rising recovery costs, and potential exposure of sensitive data.

This case study explores how the Multi-State Information Sharing and Analysis Center® (MS-ISAC®) responded with rapid advisories, threat intelligence sharing, and hands-on technical support—helping SLTT organizations detect threats, contain attacks, and strengthen defenses against ongoing exploitation.

Related Resources:


Incident Response to Ransomware at a U.S. SLTT Hospital
Incident Response to Ransomware at a U.S. SLTT Hospital
Monitoring and Support During the CrowdStrike Falcon Outage
Monitoring and Support During the CrowdStrike Falcon Outage
How the MS-ISAC Provided Support After a Ransomware Incident
How the MS-ISAC Provided Support After a Ransomware Incident
Download the Resource


Related Resources:


Incident Response to Ransomware at a U.S. SLTT Hospital
Incident Response to Ransomware at a U.S. SLTT Hospital
Monitoring and Support During the CrowdStrike Falcon Outage
Monitoring and Support During the CrowdStrike Falcon Outage
How the MS-ISAC Provided Support After a Ransomware Incident
How the MS-ISAC Provided Support After a Ransomware Incident