A previously unreported data extortion operation dubbed “Helix” that targets enterprises using identity-focused entry techniques and automated SharePoint exfiltration. The group’s playbook combines voice phishing (vishing), device-code phishing to capture session tokens and bypass Conditional Access controls, rapid MFA registration for persistence, and scripted enumeration and bulk download of SharePoint content all staged from shared […]
The post New Helix Extortion Group Targets Enterprises With MFA Abuse and SharePoint Exfiltration appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
This article has been indexed from GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Read the original article: