Researchers uncover URL spoofing flaws on Zoom, Box, Google Docs

11 May 2022

Researchers have discovered several URL spoofing bugs in Box, Zoom and Google Docs that would allow phishers to generate links to malicious content and make it look like it’s hosted by an organization’s SaaS account. Many attacks are made possible The vulnerabilities arise for a lack of validation of so-called vanity URLs, and they allow attackers with their own SaaS accounts to change the URL of the pages hosting malicious files, forms and landing pages, as to maximize their potential to trick users.

Read full article on Help Net Security

Date:

11 May 2022

Categorie(s):

NEWS

Tag(s):

Google, Google Docs, IT, Researchers, URL

McAfee Dominates AV-Comparatives PC Performance Test3 May 2024
Preparation: The Less Shiny Side of Incident Response – Joe Gross – ESW #3603 May 2024
Critical GitLab account takeover flaw added to CISA’s KEV Catalog2 May 2024
Microsoft, Google do a victory lap around passkeys2 May 2024
Understanding Scattered Spider, and how they perform cloud-centric identity attacks2 May 2024