A previously unreported data extortion operation dubbed “Helix” that targets enterprises using identity-focused entry techniques and automated SharePoint exfiltration. The group’s playbook combines voice phishing (vishing), device-code phishing to capture session tokens and bypass Conditional Access controls, rapid MFA registration for persistence, and scripted enumeration and bulk download of SharePoint content all staged from shared […]
The post New Helix Extortion Group Targets Enterprises With MFA Abuse and SharePoint Exfiltration appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Mayura Kathir
Source: gbHackers
Source Link: https://gbhackers.com/new-helix-extortion-group/