SC Magazine: Hackers rush to new doc builder that uses Macro-exploit, posing as DocuSign

SC Magazine: Hackers rush to new doc builder that uses Macro-exploit, posing as DocuSign. “Researchers at Intel471 have identified a new malicious document builder that has gone from a new, relatively unknown exploit to being incorporated into the attack chains of top cybercriminal groups in less than a year. The builder, dubbed EtterSilent, comes in two flavors: one version exploits an old remote code execution vulnerability in Microsoft Office and another uses a Macro-based exploit and is designed to look like DocuSign, a popular software program that allows individuals or businesses to electronically sign documents.”

VentureBeat: DocuSign’s customer email database accessed by hackers after phishing scam

VentureBeat: DocuSign’s customer email database accessed by hackers after phishing scam. “Electronic signature service DocuSign said on Tuesday hackers had temporarily gained access to a database containing customer emails following a surge in phishing emails sent to its users. The company, which has about 200 million users, said the emails imitated the DocuSign brand to trick recipients into opening a Microsoft Word document containing malicious software.”