Monday.com eliminates "Share Update" feature due to misuse in phishing attacks

Project management platform Monday.com has terminated its "Stake Update" segment after hazard actors manipulated it in phishing seizures. Monday.com is a cloud-based undertaking surveillance medium that permits groups to manage and control their job utilizing automatic workflows and dashboards. The medium is utilized by 225,000 clients, including Coca-Cola, Canva, LionsGate, Oxy, Compass, and Zippo.

On Tuesday, Monday.com customers were notified that they were concerned that the company was compromised after obtaining phishing emails from its email reports. These emails were mailed using SendGrid and came from notifications@monday.com, handling SPF, DMARC, and DKIM authentication. The phishing emails acted to come from a "Human Resources" unit, requesting users to either accept the "association's workplace sex guideline" or propose feedback as a region of a "2024 Employee Evaluation."

The conditions associated with these phishing movements have since been disabled, so they do not know what details were being collected. After reaching Monday.com about the phishing attacks earlier this week, they conveyed to them today that the attacks were executed through their 'Share Update' segment.

"We were created conscious of the mishandling of a monday.com feature named "Share Update," which permits users to convey an update with somebody who isn't an associate of their account," a Monday.com representative informed them. "Unfortunately, a user misapplied this feature by transmitting a phishing note. We promptly arrested this user and dismissed the feature."

"This feature has no relation to data hosted on monday.com or key to any consumer accounts or data. We have arrived and transferred protection with the email recipients of the phishing letter." Monday.com states that the danger actor manipulated this feature by inputting a list of email addresses to which a report should be transmitted, which can contain people further from their community.

When questioned about how many individuals accepted an email, they refused to respond for safety reasons but communicated they reached all recipients to alert them of the phishing emails. For those who utilized the 'Share Update' feature, Monday.com conveyed that it is under consideration and cannot supply a timeline for when or if the attribute will be restored.

 

Search

Recent News

Blog Images

Redis Server infected with new ransomware payload by P2Pinfect

Blog Images

New RAT Malware SneakyChef & SugarGhost Attack Windows Systems

Blog Images

New Linux Variant Of RansomHub Attacking ESXi Systems

Blog Images

US denies Kaspersky software for purported Russian connections

Blog Images

Malicious search results can lead to the installation of SolarMarker malware

Blog Images

A hacker gained access to Tile's customer support platform in the Life360 breach

Blog Images

ScreenConnect and RDP access were installed to begin the ALPHV ransomware deployment

Blog Images

Source code and internal data from the New York Times have been leaked in 270GB

Blog Images

Bypassing authentication on the Telerik Report Server is possible due to a flaw in the server

Blog Images

A Data-management startup, Tabular, has been acquired by Databricks

Blog Images

Latest cyber attacks replace AutoIt with AutoHotkey by DarkGate Malware

Blog Images

Cryptominer deployed by 8220 Gang exploiting Oracle WebLogic Server flaw

Blog Images

Linux Malware Scanner from Kaspersky released

Blog Images

Palo Alto Networks Firewall zero-day vulnerability exploited by Red Tail Cryptominer

Blog Images

Ransomware attacks shut down Seattle 27 public libraries

Blog Images

Theft of $37 million of cryptocurrency by an Indian national

Blog Images

Cybersecurity Platform Cynet Makes MSPs Rich & Clients Safe

Blog Images

Through gift card fraud, Moroccan cybercriminals steal up to $100K daily

Blog Images

Detect Fake Antivirus Websites Delivering Android & Windows Malware

Blog Images

Encryption and data exfiltration by Ransomhub on industrial control systems

Blog Images

Attackers weaponize Microsoft Access documents to execute malicious code

Blog Images

Hacker claims access to AWS, Azure, MongoDB, and Github API keys

Blog Images

Ransomware attacks launched by the Ikaruz Red Team using LockBit Builder

Blog Images

Fortinet FortiSIEM PoC published on unauthenticated RCE vulnerability

Blog Images

An Exchange Server keylogger steals login credentials from the login page

Blog Images

Laundering $73 Million in Pig Butchering Crypto Scam Arrested by Chinese Nationals

Blog Images

North Korean Hackers Utilize Facebook Messenger in Focused Malware Offensive

Blog Images

Dell Data Breach: Hacker Compromises Customer Phone Numbers and Service Reports

Blog Images

Apple Implements RTKit iOS Zero-Day Fix for Older iPhone Models

Blog Images

OpenAI Unveils GPT-4o: Faster, Enhanced Model Now Available Free for All ChatGPT Users

Blog Images

Proof of Concept (PoC) Unveiled for Severe PuTTY Private Key Recovery Vulnerability

Blog Images

Hackers Breaches Fidelity National Financial to Steal 1.3 Million People’s Data

Blog Images

Hackers Can Install Ransomware on Network-Connected Devices

Blog Images

Alert: Connect Secure Zero-Days Used in Attacks, Says Ivanti

Blog Images

Cisco to Rectify Hazardous Weaknesses Affecting Unity Connection Software

Blog Images

Zeppelin Ransomware Source Code Fetches $500 on the Hacking Forum

Blog Images

Mandiant X Account to be Restored After 6-Hour Cryptocurrency Scam

Blog Images

“Critical Google Cookies” Exploit Allows Persistent Access After Password Reset

Blog Images

Hackers to Use the New DLL Hijacking Technique to Bypass Windows Security

Blog Images

DoJ Fines XCast $10 Million for Large-Scale Illegal Robocall Scheme

Blog Images

Hackers to Breach an Australian State Court Recording Database

Blog Images

The recent Terrapin bug may downgrade the SSH security protocol

Blog Images

Caution: Scam-as-a-Service Allowing the Cybercriminals to Drain Crypto Wallets

Blog Images

Microsoft to Disable MSIX App Installer Protocol Due to Malware Attacks

Blog Images

Darkweb Leaksmas Event Reveals Massive Hacked Data

Blog Images

A Year After the Rockstar Breach, GTA 5 Source Code was Purportedly Published Online

Blog Images

Carbanak Banking Malware Uses New Ransomware Techniques to Resurface

Blog Images

Microsoft Alerts the Defence Sector about a New FalseFont Backdoor

Blog Images

PikaBot Infects Windows-Based Systems with Malicious Search Ads

Blog Images

CISA Asks Manufacturers to Remove Default Passwords to Prevent Cyber Threats

Blog Images

Microsoft Issues a Storm-0539 Warning: Holiday Gift Card Fraud Is Getting Worse

Blog Images

BazaCall Phishing Scammers to Use Google Forms to Fraud People

Blog Images

"Sierra:21" vulnerabilities target Critical infrastructure routers

Blog Images

New MIPS Variant of P2PInfect Botnet aiming at Routers and IoT gears

Blog Images

Kali Linux to Release 2023.4 Version with New Hacking Tools

Blog Images

New Slam Hacks AMD Future Intel CPUs to Steal Sensitive Data

Blog Images

Russian Cybercriminals Are Taking Advantage of MS Outlook Privilege Increase Vulnerability

Blog Images

New BLUFFS Bluetooth attack exposes devices to AiTM (adversaries in-the-middle attacks)

Blog Images

Microsoft Cautions Users to Kremlin-Backed APT28 Benefiting of Outlook Vulnerability

Blog Images

Federal Agencies, "Iran-Affiliated Hackers to Breach Several U.S. States"

Blog Images

Terrorism Of CACTUS Ransomware Attacks

Blog Images

Malware FjordPhantom to Spread Stealthy through Email, and Messaging Apps

Blog Images

Agent Racoon’s Threat On Middle East, Africa, and U.S Organizations

Blog Images

Deal of the Year: Broadcom’s Game-Changing Acquisition of VMware for $61 Billion

Blog Images

US Treasury Sanctions the Sinbad Crypto Mixer Used by N. Korean Hackers

Blog Images

Security Breach: Cyber Criminals to Exploit Browser Extensions to Hack Facebook Accounts

Blog Images

Windows Systems Breached: APT Hacks HrServ Web Shell, Security Alert

Blog Images

Unlocking Cybersecurity Secrets: Bug Hunter GPT’s Latest Responses

Blog Images

New Security Updates Introduced to Firefox 120: A Sneak Peek

Blog Images

Hackers Deploying REMCOS RAT to Exploit Windows SmartScreen Zero-Day Flaws

Blog Images

FEAM Aero Suffers Data Breach Due to LockBit Ransomware Attack

Blog Images

What are expected cybersecurity tips for Black Friday and Cyber Monday in 2023?

Blog Images

TTB Antivirus Achieves Perfect Score of 18/18, Receives AV-Test Verification for the Third Consecutive Time

Blog Images

Vulnerability of D-link Wi-Fi range extender to command injection attacks

Blog Images

MGM Resorts $100 Million Customer Data Stolen in Ransomware Attack

Blog Images

Sony Faces Cyber-Security Breach as Ransomware Group Alleges Successful Intrusion into “All Sony Systems”

Blog Images

TTB Antivirus Recognized as the Best Antivirus for Android by AV-TEST GmbH

Blog Images

Alarm For 1.5m WordPress Sites Users: Threat From Cookie Consent Plugins

Blog Images

The RatMilad Scare- How to Stay Safe?

Blog Images

A New Netflix-Styled App That is Actually a Ransomware

Blog Images

Uber Hacked! Hacker Announces in the Company Slack. Employees Think it is a Joke

Blog Images

This Spine Chilling new Linux Malware is proving to be an Alarm to all the IT Professionals

Blog Images

Why is it important to be secure on the internet today? Twilio Breach and its Customer Data Compromise!!!

Blog Images

Will the new 'BlastDoor' security feature be able to fight iMessage hacks?

Blog Images

All about the 6GHz (6E) Wi-Fi you need to know

Blog Images

US issues warning after Microsoft claims Chinese hackers perpetrating on its mail server program

Blog Images

PDF feature certified prone to cyberattacks

Blog Images

Fake TikTok App and Laptop offers spreading adware

Blog Images

Silver Sparrow attack on over 30000 Macs; here is what we know so far

Blog Images

Akamais Cybercrime Report 2020 is a real lesson; heres a glimpse

Blog Images

Chinese state-backed hacking group targets vaccine makers in India: A report