Docusign API Abused in Widescale, Novel Invoice Attack

November 5, 2024 at 11:12AM Cybercriminals are exploiting a Docusign API in a phishing campaign, sending convincing fake invoices to companies. By creating legitimate Docusign accounts, attackers bypass typical security measures. This innovative scam leverages authentic-looking e-sign requests, prompting organizations to verify document origins to prevent fraud, while urging service providers to bolster API security. … Read more

Dropbox Data Breach Impacts Customer Information

May 2, 2024 at 04:29AM Dropbox disclosed a data breach impacting customers of its electronic signature service, Dropbox Sign. The breach compromised customer information, including email addresses, usernames, phone numbers, and hashed passwords. While payment information and customer files were not accessed, all affected users are being notified and security measures are being updated. The … Read more