Hackers Use ClickFix Trick to Deploy PowerShell-Based Havoc C2 via SharePoint Sites

Cybersecurity researchers are calling attention to a new phishing campaign that employs the ClickFix technique to deliver an open-source command-and-control (C2) framework called Havoc. "The threat actor hides each malware stage behind a SharePoint site and uses a modified version of Havoc Demon in conjunction with the Microsoft Graph API to obscure C2 communications within trusted, well-known

Posted from: Click here for the full article.

留言

此網誌的熱門文章

CISA Adds NAKIVO Vulnerability to KEV Catalog Amid Active Exploitation

Microsoft Expands Free Logging Capabilities for all U.S. Federal Agencies

OttoKit WordPress Plugin Admin Creation Vulnerability Under Active Exploitation