New Dropbox phishing attacks target SaaS credentials

12 March 2024

Attackers leveraging the ‘no-reply@dropbox[.]com’ domain sent emails with a Dropbox-hosted PDF to employees using the Darktrace SaaS environment, which when opened established a connection with a malicious endpoint redirecting to a fraudulent Microsoft 365 login page, according to a report from Darktrace. Aside from leveraging ExpressVPN-related endpoints to obfuscate their locations, threat actors also tapped valid tokens and fulfilled MFA requirements to avert the targeted organization’s MFA policy, researchers said.

Source: SC Magazine

Date:

12 March 2024

Categorie(s):

NEWS

Tag(s):

Cloud Computing, Cloud Storage, Dropbox, Identity, New

Say goodbye to standard security for smartphones (you need this instead)29 April 2024
The EU has decided to open up iPadOS29 April 2024
Your Must-Know AI and Cloud-Native AppSec Insights at RSAC 202429 April 2024
Belarus security agency allegedly subjected to hacktivist attack29 April 2024
Old Microsoft Office bug leveraged to compromise Ukraine29 April 2024