Earlier this week, DocuSign issued an alert that notified users of a new hacking tool. This tool is imitating DocuSign so then the bad guys can drop malware into victims' systems.
The tool is named "EtterSilent", and it created Microsoft Office documents that contain malicious macros to exploit a known Microsoft Office vulnerability. The alert states, "This activity is from malicious third-party sources and is not coming from the DocuSign platform.”
Check out DocuSign's helpful guide on their website of helpful indicators of compromise here. If your users use DocuSign, it is essential to alert your users of this potential threat so then your organization can avoid becoming the next victim.
Frequent phishing tests and continual new-school security awareness training can ensure your users are prepared and equipped to respond in situations similar to this. User education is essential for your users to spot and report and suspicious activity.
JD Supra has the full story.