Researchers uncover URL spoofing flaws on Zoom, Box, Google Docs

Researchers have discovered several URL spoofing bugs in Box, Zoom and Google Docs that would allow phishers to generate links to malicious content and make it look like it’s hosted by an organization’s SaaS account. Many attacks are made possible The vulnerabilities arise for a lack of validation of so-called vanity URLs, and they allow attackers with their own SaaS accounts to change the URL of the pages hosting malicious files, forms and landing pages, … More →

The post …

box docs don't miss flaws google google docs phishing researchers social engineering spoofing uncover url varonis vulnerability zoom