Attackers Exploit Zero-Day Flaws in On-Premises SharePoint
bankinfosecurity
Hackers have been exploiting two zero-day vulnerabilities in on-premises installations of Microsoft SharePoint to gain remote access, and steal cryptographic keys and data. As Microsoft rolls out patches against "ToolShell," experts warn administrators to also rotate keys, to help eject attackers.
Prajeet Nair • July 19, 2025
Expel researchers have found a novel adversary-in-the-middle phishing technique used by PoisonSeed, a cybercrime group previously tied to large-scale cryptocurrency thefts, to sidestep one of the most secure forms of multifactor authentication - FIDO2 physical keys.
Prajeet Nair • July 18, 2025
Threat actors are using public GitHub repositories to host and distribute malware through the Amadey botnet in an ongoing campaign linked to a broader malware-as-a-service operation, Cisco Talos said in a report published Thursday.
Chris Riotta • July 18, 2025
Washington is wagering that future conflicts will unfold as much in cyberspace as on the battlefield, with House and Senate lawmakers unveiling dueling drafts of ...
Copyright of this story solely belongs to bankinfosecurity . To see the full text click HERE