Found 5 bookmarks
Custom sorting
File hosting services misused for identity phishing
File hosting services misused for identity phishing
Since mid-April 2024, Microsoft has observed an increase in defense evasion tactics used in campaigns abusing file hosting services like SharePoint, OneDrive, and Dropbox. These campaigns use sophisticated techniques to perform social engineering, evade detection, and compromise identities, and include business email compromise (BEC) attacks.
#microsoft#EN#2024#File#hosting#SharePoint#OneDrive#Dropbox#social-engineering#identity#phishing#research
·microsoft.com·
File hosting services misused for identity phishing
Exploiting Static Site Generators: When Static Is Not Actually Static
Exploiting Static Site Generators: When Static Is Not Actually Static
Over the last ten years, we have seen the industrialization of the content management space. A decade ago, it felt like every individual and business had a dynamic WordPress blog, loaded up with a hundred plugins to do everything from add widgets to improve performance. Over time, we realised this was a bad idea, as ensuring the security of third-party plugins seemed increasingly impossible.
#assetnote#EN#2022#Static#hosting#comromise#Netlify
·blog.assetnote.io·
Exploiting Static Site Generators: When Static Is Not Actually Static
Exploiting Static Site Generators: When Static Is Not Actually Static
Exploiting Static Site Generators: When Static Is Not Actually Static
Over the last ten years, we have seen the industrialization of the content management space. A decade ago, it felt like every individual and business had a dynamic WordPress blog, loaded up with a hundred plugins to do everything from add widgets to improve performance. Over time, we realised this was a bad idea, as ensuring the security of third-party plugins seemed increasingly impossible.
#assetnote#EN#2022#Static#hosting#comromise#Netlify
·blog.assetnote.io·
Exploiting Static Site Generators: When Static Is Not Actually Static