Google Docs Used To Host Phishing Attacks

ByPR 24

BACKGROUND:

Avanan analysts have recently discovered an exploit vector in Google Docs that attackers are using to deliver malicious phishing websites to victims. The Google Docs page may look familiar to those who share Google Docs outside of their organization. This, however, isn’t that page. It’s a custom HTML page made to look like that familiar Google Docs share page. The attacker wants the victim to “Click here to download the document” and once the victim clicks on that link, they will be redirected to the actual malicious phishing website where their credentials will be stolen through another webpage made to look like the Google Login portal. But, that is not Google’s website.

Similar Posts

Cisco to buy Kenna Security – Security

Cisco to buy Kenna Security – Security

ByPR 24

Cisco Systems has agreed to purchase Kenna Security to help customers more effectively prioritise vulnerabilities based on threat intelligence and business impact. The San Jose, Calif.-based networking giant said its proposed acquisition of Santa Clara, Calif.-based Kenna will make it easier for organizations to work cross-functionally to rapidly identify, prioritize and remediate cyber risk. This…

Chinese regulators will tighten controls of domestic firms listed overseas following a cybersecurity probe of Didi

Chinese regulators will tighten controls of domestic firms listed overseas following a cybersecurity probe of Didi

ByPR 24

A Didi logo is seen at the headquarters of Didi Chuxing in Beijing on November 20, 2020. REUTERS/Florence Lo/File Photo/File Photo Chinese regulators said they will tighten control of domestic firms listed overseas. The move came after the Beijing-led cybersecurity probe against Didi, Reuters reported. On Sunday, China said Didi “has serious violations of laws…

Critical Patch Out for Critical Pulse Secure VPN 0-Day Under Attack

Critical Patch Out for Critical Pulse Secure VPN 0-Day Under Attack

ByPR 24

Ivanti, the company behind Pulse Secure VPN appliances, has released a security patch to remediate a critical security vulnerability that was found being actively exploited in the wild by at least two different threat actors. Tracked as CVE-2021-22893 (CVSS score 10), the flaw concerns “multiple use after free” issues in Pulse Connect Secure that could…

The Changing Nature of the Insider Threat

The Changing Nature of the Insider Threat

ByPR 24

Fraud Management & Cybercrime , Fraud Risk Management , Governance & Risk Management Joseph Blankenship of Forrester Describes Efforts to Enlist Insiders for Fraud Anna Delaney (annamadeline) • June 22, 2021     Joseph Blankenship, vice president, research director, Forrester Cybercriminals and nation-states are attempting to recruit insiders at companies around…

Compromised Microsoft Exchange Server Used to Host Cryptominer

Compromised Microsoft Exchange Server Used to Host Cryptominer

ByPR 24

Compromised Microsoft Exchange Server Used to Host Cryptominer | IT Security News 13. April 2021 Researchers say an unknown attacker is targeting vulnerable Exchange Servers with a payload hosted on a compromised Exchange Server. Like this: Like Loading… Related Tags: Dark Reading: Sponsors Endpoint Cybersecurity www.endpoint-cybersecurity.com – Consulting in building your security products– Employee awareness…