Malicious SharePoint and OneDrive Links Are a Phishing Scammer’s Dream
Attackers are exploiting the rapid adoption of cloud-based collaboration services such as Microsoft’s SharePoint Online and OneDrive by leveraging them as a social engineering tool to trick users into clicking on malicious links, often for the purpose of wire fraud or supply chain fraud. Oliver Tavakoli, CTO at Vectra, agreed that these kind of phishing scams tend to be more successful since the email is sourced by an internal party, rather than being from an external party pretending to be internal, and the links to SharePoint or OneDrive files reinforce to the victim that this is an internal communication.
The United States Sanction Russia in Response to Cyberattacks
President Biden Issues Sanctions Against Russia For Cyberattacks, Election Interference
Russian Foreign Intelligence Service Exploiting Five Publicly Known Vulnerabilities to Compromise U.S. and Allied Networks