Dark Reading

Phishers Wreak 'Havoc,' Disguising Attack Inside SharePoint

A complex phishing campaign is targeting Microsoft SharePoint accounts with malicious documents aimed at getting users to compromise themselves by deploying a PowerShell command. The attack is a ...
Bleeping Computer

New ClickFix attack deploys Havoc C2 via Microsoft Sharepoint

A newly uncovered ClickFix phishing campaign is tricking victims into executing malicious PowerShell commands that deploy the Havok post-exploitation framework for remote access to compromised devices ...
Bleeping Computer

New SharePoint flaws help hackers evade detection when stealing files

Researchers have discovered two techniques that could enable attackers to bypass audit logs or generate less severe entries when downloading files from SharePoint. Microsoft SharePoint is a web-based ...