Security News > 2024 > August > Xeon Sender Tool Exploits Cloud APIs for Large-Scale SMS Phishing Attacks
2024-08-19 10:02
Malicious actors are using a cloud attack tool named Xeon Sender to conduct SMS phishing and spam campaigns on a large scale by abusing legitimate services. "Attackers can use Xeon to send messages through multiple software-as-a-service (SaaS) providers using valid credentials for the service providers," SentinelOne security researcher Alex Delamotte said in a report shared with The Hacker News.
News URL
https://thehackernews.com/2024/08/xeon-sender-tool-exploits-cloud-apis.html
Related news
- Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks (source)
- Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks (source)
- GenAI makes phishing attacks more believable and cost-effective (source)
- CERT-UA Warns of Phishing Attacks Targeting Ukraine’s Defense and Security Force (source)
- Inside the incident: Uncovering an advanced phishing attack (source)
- Ongoing phishing attack abuses Google Calendar to bypass spam filters (source)
- Ruijie Networks' Cloud Platform Flaws Could've Exposed 50,000 Devices to Remote Attacks (source)
- FICORA and Kaiten Botnets Exploit Old D-Link Vulnerabilities for Global Attacks (source)
- Malware botnets exploit outdated D-Link routers in recent attacks (source)
- Chinese APT Exploits BeyondTrust API Key to Access U.S. Treasury Systems and Documents (source)