Ransomware crews are mass-exploiting on-prem SharePoint. Patch now, lock down service accounts, monitor w3wp→PowerShell, and hunt webshells in IIS dirs. Assume breach. #BlueTeam 🛡️ #Infosec

Source: https://link.bitbase.bg/VpGPSR