1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • SaaS platforms are facing more phishing attacks than ever

    From TechnologyDaily@1337:1/100 to All on Wed Aug 24 19:45:03 2022
    SaaS platforms are facing more phishing attacks than ever

    Date:
    Wed, 24 Aug 2022 18:23:19 +0000

    Description:
    SaaS platforms prove the perfect weapon, as they're legitimate tools that bypass most security measures.

    FULL STORY ======================================================================

    Cybercriminals are increasingly turning towards legitimate Software-as-a-Service ( SaaS ) solutions to launch, distribute, and advertise their campaigns, security researchers have reported.

    Unit 42, the cybersecurity arm of Palo Alto Networks, has published a report which found the abuse of such services soared by 1,100% in a span of a year between June 2021 and 2022.

    All kinds of services are being abused: file sharing sites, hosting tools, form and survey builders, website design sites, and collaboration tools, to name a few. Website builders , collaboration platforms, and form builders
    were also said to have experienced the highest uptick in abuse in the last year. Saving time and money

    Unit 42 says the rising popularity of these tools among crooks can be attributed, first and foremost, to the fact that they are legitimate, and as such, often pass through various fraud and scam filters, including email security solutions.

    But it can also be attributed to the fact that theyre super easy and convenient to use, and allow for the quick upscaling and downscaling of campaigns.

    Whats more, should law enforcement agencies take down a phishing page, for example, the crooks can simply change the link and have it point elsewhere, while avoiding the gruntwork of having to design the page from scratch. That being said, the tools are built with newbies in mind, which eliminates the need to know how to code, or be well-versed in website, or form, design. Read more

    LinkedIn is still the most popular phishing lure around


    This Microsoft phishing campaign can hack you, even if you have MFA


    These are the best paid and free tools for work sharing and communication

    Palo Alto Networks isnt the only company warning about the abuse of
    legitimate SaaS solutions, either. As reported by BleepingComputer , Cyren
    has been warning about the rampant abuse of typeform.com since mid-2021,
    while Trend Micro warned of 123formbuilder.com, formtools.com, as well as smartsurvey.co.uk. Cofense was warning about the abuse of canva.com, as well.

    Stopping the abuse of these services, the publication says, will be
    relatively challenging, as implementing aggressive email filters can do more harm than good. These are the best endpoint protection services right now

    Via: BleepingComputer



    ======================================================================
    Link to news story: https://www.techradar.com/news/saas-platforms-are-facing-more-phishing-attacks -than-ever/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)