Threat Landscape Dashboard

Assessing today's threats and the relationships between them

Operation SharePoint Middle East

The campaign targeted Microsoft SharePoint servers located at Middle Eastern government organizations to steal sensitive information. The threat actors installed web shells on the compromised servers by taking advantage of flaws that have been patched by the vendor. Various tools were used in the operation including custom backdoors and Mimikatz to traverse the network.
Name Modified Date Sources
Operation SharePoint Middle East 2019-05-28