DocuSign Breach Leads to Targeted Email Malware Campaign
Breach at DocuSign Led to Targeted Email Malware Campaign
DocuSign, a major provider of electronic signature technology, acknowledged today that a series of recent malware phishing attacks targeting its customers and users was the result of a data breach at one of its computer systems. The company stresses that the data stolen was limited to customer and user email addresses, but the incident is especially dangerous because it allows attackers to target users who may already be expecting to click on links in emails from DocuSign.
References: DocuSign Data Breach Led to Targeted Email Malware Campaign | DocuSign Admits Hackers Accessed its Customer Email Database, Sent Out Malware | DocuSign Admits Data Breach That Led to Recent Spam
- Web application firewall management and advanced anomaly detection.
- Intrusion detection system (IDS) signatures would detect intrusion and network anomalies.
- Security Operations Center team provides 24x7 security monitoring, daily log review, web application firewall management and advanced anomaly detection.
- Mail filtration would scan incoming files and hyperlinks of any malicious links or code.
- An encryption tool which acts as a lock for the database.
WanaCry Ransomware Attacks Over 200,000 Computers in 150 Countries
On May 12, a ransomware attack swept the globe by force, infecting 230,000 computers across more than 150 countries. The ransomware, called WannaCry, targeted businesses running outdated Windows machines. It leveraged an exploit -- a tool designed to take advantage of a security hole -- leaked in a batch of hacking tools believed to belong to the NSA.
Although Microsoft released a patch to fix the exploit in March, which could have easily prevented the attack, many major firms like healthcare and telecom organizations are running on old, outdated technology that no longer receives software updates.
References: Why WannaCry Ransomware Took Down So Many Businesses | WannaCry Ransomware Wasn't The First Malware Using Stolen NSA Exploit | How To Protect Yourself From The Global WanaCry Ransomware Attack
- Intrusion detection system (IDS) signatures would detect intrusion and network anomalies
- Log management could detect any suspicious user account activity
- Solid patch management program to quickly mitigate the risk of a vulnerability
This Week's Suspicious IP Addresses
*IP addresses provided by Recorded Future.
SCHEDULE A DEMO
Want to learn about Alert Logic products in more detail? Call us direct at +1.877.484.8383, for the UK call +44 (0) 203 011 5533, or complete this form. An Alert Logic representative will contact you soon.