Phishers Exploit Google Sites and DKIM Replay to Send Signed Emails, Steal Credentials

In what has been described as an "extremely sophisticated phishing attack," threat actors have leveraged an uncommon approach that allowed bogus emails to be sent via Google's infrastructure and redirect message recipients to fraudulent sites that harvest their credentials. "The first thing to no...

SecTopRAT bundled in Chrome installer distributed via Google Ads

Criminals are once again abusing Google Ads to trick users into downloading malware. Ironically, this time the bait is a malicious ad for Google Chrome, the world's most popular browser. Victims who click the ad land on a fraudulent Google Sites page designed as a intermediary portal, similar to...

PyPI Repository Warns Python Project Maintainers About Ongoing Phishing Attacks

The Python Package Index, PyPI, on Wednesday sounded the alarm about an ongoing phishing campaign that aims to steal developer credentials and inject malicious updates to legitimate packages. "This is the first known phishing attack against PyPI," the maintainers of the official third-party...

100,000 Google Sites Used to Install SolarMarker RAT

Hackers are using search-engine optimization SEO tactics to lure business users to more than 100,000 malicious Google sites that seem legitimate, but instead install a remote access trojan RAT, used to gain a foothold on a network and later infect systems with ransomware, credential-stealers,...

Hackers using Google Sites to spread banking malware

By Uzair Amir The IT security researchers at Netskope Threat Research Labs have discovered a new malware hosted on the Google Sites, a dedicated platform offered by Google for developing websites. Dubbed LoadPCBanker by researchers; the malware is actually an executable that is hidden inside a PD...

CHM Help Files Deliver Brazilian Banking Trojan

Security researchers are warning of a new spam campaign targeting Brazilian institutions that contain Compiled HTML file attachments that are used to deliver a banking Trojan. Spam messages contain a malicious CHM attachment called “comprovante.chm”, wrote Rodel Mendrez, senior security researche...

Google Sites Cross Site Scripting

============================================= INTERNET SECURITY AUDITORS ALERT 2016-002 - Original release date: February 16, 2016 - Last revised: February 16, 2016 - Discovered by: Fabián Cuchietti - Severity: 6.1/10 CVSSv3 Base Metrics ============================================= I...

Google to Publish Research on Browser Ad Injectors

Google is preparing to release new research on the prevalence of ad injectors, the often-unwanted browser extensions that inject ads onto Web pages, and the numbers will show just how widespread and problematic the software is. Ad injectors belong to that great, amorphous pile of applications tha...

Google Open Redirect

Problem: Google suffers from an open redirect that can be used to trick users into visiting sites not originating from google.com Example: http://www.google.com/local/add/changeLocale?currentLocation=http://www.bing.com...