Docusign API Abused in Widescale, Novel Invoice Attack

November 5, 2024 at 11:12AM
Cybercriminals are exploiting a Docusign API in a phishing campaign, sending convincing fake invoices to companies. By creating legitimate Docusign accounts, attackers bypass typical security measures. This innovative scam leverages authentic-looking e-sign requests, prompting organizations to verify document origins to prevent fraud, while urging service providers to bolster API security. …

DocuSign Abused to Deliver Fake Invoices

November 5, 2024 at 08:49AM
Cybercriminals are exploiting DocuSign APIs to send fraudulent emails, including fake invoices, that evade spam and phishing filters. This highlights vulnerabilities in the platform, posing significant risks for users. The information was reported by SecurityWeek.

**Meeting Takeaways:**
1. **Issue Identified**: Cybercriminals are exploiting DocuSign APIs.
2. **Method of Attack**: They …

Forget the Kia Boyz: Hackers could hijack your car with just a smartphone

September 29, 2024 at 11:13PM
Cybersecurity expert Sam Curry discovered a vulnerability in Kia vehicles, allowing unauthorized access and the theft of personal details. Another critical vulnerability in Ivanti Traffic Manager was identified, and a UK citizen faces charges for hacking US companies. Additionally, Monaco-based Namebay experienced a ransomware attack, while a cyber attack on …

Xeon Sender Tool Exploits Cloud APIs for Large-Scale SMS Phishing Attacks

August 19, 2024 at 06:45AM
The Xeon Sender tool is being used for large-scale SMS phishing and spam campaigns by abusing legitimate cloud services. It uses the APIs of services like Amazon SNS, Nexmo, and Twilio to send bulk SMS spam without exploiting any weaknesses in the providers. Organizations should monitor for anomalous changes in …

Cloudy with a Chance of Cyberattack: Understanding LOTC Attacks and How ZTNA Can Prevent Them

July 8, 2024 at 08:01AM
Cybercriminals have evolved from traditional Living Off The Land (LOTL) attacks to Living Off the Cloud (LOTC) tactics, exploiting trusted cloud services’ APIs to remotely control botnets and conceal malicious activity. To mitigate these risks, organizations should adopt a zero-trust approach, control access to cloud services, implement granular activity control, …

Google: Malware abusing API is standard token theft, not an API issue

January 6, 2024 at 11:46AM
Malware is exploiting an undocumented Google Chrome API to generate new authentication cookies from stolen ones. Multiple malware operations are using this technique to gain access to users’ Google accounts through the API, and Google has downplayed the severity of the issue. The company urges affected users to take precautionary …

Beware: Lumma Stealer Distributed via Discord CDN

October 16, 2023 at 04:37AM
Discord’s content delivery network (CDN) is being exploited by threat actors to distribute the Lumma Stealer malware, which steals user credentials. The malware is spread through direct messages that offer victims a Discord Nitro boost in exchange for assistance and prompt them to download a file. Lumma Stealer can steal cryptocurrency wallets …