PINEAPPLE and FLUXROOT Hacker Groups Abuse Google Cloud for Credential Phishing

July 22, 2024 at 08:55AM FLUXROOT, a financially motivated threat actor, abused Google Cloud serverless projects to conduct phishing attacks, targeting Latin America. This highlights the trend of threat actors exploiting cloud computing for malicious purposes. Google has taken measures to mitigate such activities, emphasizing the challenges in detecting and countering threats facilitated by cloud … Read more

In Other News: US Hacks Iranian Spy Ship, Rhysida Ransomware Decryption, NIST Guidance

February 16, 2024 at 10:03AM SecurityWeek’s roundup includes Google Cloud’s threat report, a free decryption tool for Rhysida ransomware, and NIST’s guidance on software supply chain security. It covers OpenTitan’s root of trust availability, Seal Security’s emergence, and Pentagon’s data breach notification. Google denies Hamas cyber support, and China’s hacking claims are criticized for lack … Read more

Novel Google Cloud RAT Uses Calendar Events for C2

November 6, 2023 at 04:28PM Google is warning about the increasing use of native cloud tools by attackers to hide their malicious activities. They highlighted a proof-of-concept exploit called “Google Calendar RAT,” which allows hackers to repurpose Google Calendar events for command-and-control purposes. Although Google has fixed this particular issue, they emphasize that every cloud … Read more