Security Stop-Press: Cyber Criminals Exploit Trusted Platforms in LOTS Attacks

February 20, 2025

Security Stop-Press: Cyber Criminals Exploit Trusted Platforms in LOTS Attacks

Cyber criminals are exploiting trusted services like Microsoft, Google, and DocuSign to deliver malware and phishing attacks.

Known as Living off Trusted Services (LOTS), this tactic allows them to evade detection by leveraging widely used platforms.

Mimecast’s H2 2024 Global Threat Intelligence Report flagged LOTS attacks as a growing concern, with over 5 billion threats detected. Attackers use CAPTCHAs to block security scans and host malicious payloads on cloud platforms.

By infiltrating third-party providers, cyber criminals gain deep access to networks, making detection difficult. Traditional security measures based on domain reputation and authentication often fail.

To defend against LOTS attacks, businesses should implement AI-driven threat detection, Zero Trust policies, enhanced email security, and user training to mitigate risks and prevent exploitation of trusted services.

Featured Article : Grok Blocked! Quarter Of EU Firms Ban Access

Featured Article : Grok Blocked! Quarter Of EU Firms Ban Access

June 5, 2025
New research shows that one in four European organisations have banned Elon Musk’s Grok AI chatbot due to concerns over misinformation, data privacy and reputational risk, making it far more widely rejected than rival tools like ChatGPT or Gemini.
Tech Insight : Why Google’s New 'Fingerprint' Policy Matters

Tech Insight : Why Google’s New 'Fingerprint' Policy Matters

June 5, 2025
In this Tech Insight, we look at Google’s controversial decision to allow advertisers to use device fingerprinting, exploring what the technology involves, why it has sparked concern, and what it means for users, businesses, and regulators.
More Posts