Security researchers discovered two unrelated cyber-threat campaigns targeting Microsoft SharePoint: one using phishing and the other exploiting a remote code execution (RCE) vulnerability. The first campaign likely focused on mass targeting for maximum impact, sending phishing email recipients to a malicious webpage that prompted them to enter credentials into a purported SharePoint document. The second campaign, orchestrated by a ransomware group, occurred despite Microsoft’s release of a patch for the RCE flaw in March 2019. Last year the flaw was also exploited, by Iranian nation-state threat actors taking advantage of unpatched servers, according to Microsoft. As long as older vulnerabilities remain unaddressed and users remain susceptible to phishing, these types of campaigns will probably continue to crop up into the long-term future (beyond one year).
ShadowTalk hosts Alec, Ivan, Sean, and Digital Shadows CISO, Rick, bring you the latest in threat intellige...
Other content in this Stream
This guide outlines how to detect, analyze, and remediate data leakage–including a treasure chest of free tooling.
This Solutions Guide to learn how to protect your organizations social footprint with the top Social Media Monitoring use cases Digital Shadows has identified.
As the leader in threat intel and drp SearchLight is the most comprehensive and awarded solution available. Ready to learn a better way to tackle Threat Intelligence? Get started today!
ShadowTalk hosts Sean, Alec, Rick, and Ivan bring you the latest in threat intelligence. They cover CISA guidelines on frequently exploited vulnerabilities , Q2 Ransomware and PunkSpider.
In this report, Digital Shadows’ Photon Team analyzed a data set of more than 175,000 impersonating domains raised to our clients over four months of 2021.
This guide outlines what potential data sources, detection methods, context, and remediation actions to consider if you want to effectively monitor domains and mitigate the risk of data loss, exposed
This infographic details the two high level types of domain impersonation: typosquats and combosquats, and the 10 different strategies used by threat actors.
ShadowTalk hosts Sean, Ivan, and Charles bring you the latest in threat intelligence.
ShadowTalk hosts Stefano, Adam, Kim, and Dylan bring you the latest in threat intelligence.
US President Joe Biden recently signed an executive order (EO) aimed at strengthening network security for US federal government departments, and agencies and contractors working with them.
This guide shares years of operational best practices and expands on where dark web intelligence is useful and can be effectively leveraged into action for security teams.
ShadowTalk hosts Sean, Alec, Ivan, and Charles bring you the latest in threat intelligence.
A “Conti” ransomware attack on Ireland’s healthcare system, the Health Service Executive (HSE), significantly delayed the delivery of medical laboratory results and affected many outpatient services.
ShadowTalk hosts Stefano, Chris, Kim, and Xue bring you the latest in threat intelligence.
Colonial Pipeline Company fell victim to a cyber attack that resulted in 5,500 miles of its US fuel pipelines being shut down, causing public distress and fears of fuel shortages.