Zendesk's email collaboration feature contained a critical vulnerability that allowed attackers to access sensitive support tickets and infiltrate internal systems (including Slack workspaces) by exploiting weak protections against email spoofing. The flaw affected more than half of the Fortune 500 before Zendesk patched it in July 2024, after initially dismissing the report as out of scope. If you haven't already, immediately disable email collaboration in your Zendesk configuration, review which verification emails your SSO system accepts, and make sure your support domain isn't shared between Zendesk and critical authentication systems. Zendesk's fix now uses enhanced spam filtering (RSPAMD) and automatically suspends verification emails from Apple and Google, but the incident underscores the risk of treating a ticketing system as a low-security tool when it is connected to your primary company domain.
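As an added example (not code from the writeup or from Zendesk), the following Python triage filter for a support inbox applies the two mitigations the summary names: it suspends identity-provider verification emails, and it requires authenticated mail (DMARC pass) before treating a message as a reply from a ticket's requester. The sender domains, the `[#1234]` ticket-reference format and the requester lookup are constructed placeholders.

```python
import email
import re
from email import policy
from email.utils import parseaddr

# Assumption: the verification senders your identity providers use. These domains are
# constructed placeholders, not the real Apple or Google sender addresses.
VERIFICATION_SENDER_DOMAINS = {"id.apple.example", "accounts.google.example"}
VERIFICATION_SUBJECT = re.compile(r"\b(verif(y|ication)|confirm)\b.*\b(code|email|address)\b", re.I)
TICKET_REF = re.compile(r"\[#(\d+)\]")  # hypothetical ticket-id marker in the subject line


def auth_results(msg):
    """Collect spf/dkim/dmarc verdicts from Authentication-Results headers added by your MTA."""
    verdicts = {}
    for header in msg.get_all("Authentication-Results", []):
        for m in re.finditer(r"\b(spf|dkim|dmarc)=([a-z]+)", str(header), re.I):
            verdicts[m.group(1).lower()] = m.group(2).lower()
    return verdicts


def triage(raw_message, known_requesters):
    """Decide whether a message to the support inbox may be attached to a ticket.

    Returns ("suspend", reason) or ("accept", None). `known_requesters` maps
    ticket id -> requester address and stands in for the ticketing database.
    """
    msg = email.message_from_string(raw_message, policy=policy.default)
    _, sender = parseaddr(str(msg.get("From", "")))
    sender = sender.lower()
    subject = str(msg.get("Subject", ""))
    domain = sender.rsplit("@", 1)[-1] if "@" in sender else ""

    # Rule 1: SSO verification mail must never become ticket content that collaborators can read.
    if domain in VERIFICATION_SENDER_DOMAINS or VERIFICATION_SUBJECT.search(subject):
        return "suspend", "verification email"

    # Rule 2: a message claiming a ticket requester's identity must pass DMARC; otherwise
    # it is an unauthenticated message asserting someone else's address.
    ref = TICKET_REF.search(subject)
    if ref and known_requesters.get(ref.group(1)) == sender:
        if auth_results(msg).get("dmarc") != "pass":
            return "suspend", "unauthenticated mail claiming requester identity"
    return "accept", None
```

Rule 2 only works when the requester's domain publishes a DMARC policy; for senders whose verdict is `none`, decide whether to quarantine or route to manual review rather than silently accepting.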
Article URL: https://gist.github.com/hackermondev/68ec8ed145fcee49d2f5e2b9d2cf2e52
Comments URL: https://news.ycombinator.com/item?id=41818459 (1637 points, 417 comments)
Comments URL: https://news.ycombinator.com/item?id=41814738 (20 points, 5 comments)