Security News
Google has warned about 14,000 of its users about being targeted in a state-sponsored phishing campaign from APT28, a threat group that has been linked to Russia. The campaign was detected in late September and accounts for a larger than usual batch of Government-Backed Attack notifications that Google sends to targeted users every month.
This effective indicator that these types of email communication are coming from that specific legitimate source is made possible by Gmail's added support for the Brand Indicators for Message Identification standard. About BIMI. BIMI is an email specification that enables the use of brand-controlled logos within email clients.
US House Rep Mo Brooks seemingly revealed his Gmail password and a PIN in a Sunday rage tweet about a lawsuit regarding the January 6 insurrection attempt. Brooks, who sits on the House's Cyber, Innovative Technologies, and Information Systems subcommittee, and the Science, Space, and Technology committee, tweeted a photo from an iPad of his Windows computer, attached to which was a piece of paper with login credentials written on it.
Conservative MP Tom Tugendhat has publicly claimed GCHQ sources told him Gmail was more secure than Parliament's own Microsoft Office 365 deployment - but both Parliament and a GCHQ offshoot have told him to stop being silly. "I was told by friends at GCHQ that I was better off sticking to Gmail rather than using the parliamentary system because it was more secure," Tugendhat told the BBC's Today Programme.
In early 2021, a Chinese threat actor tracked as TA413 attempted to hack into the Gmail accounts of Tibetan organizations using a malicious browser extension, researchers with cybersecurity firm Proofpoint have discovered. In January and February 2021, the group was observed delivering the FriarFox extension, customized to specifically target the Firefox browser and provide attackers with access to and control of victims' Gmail accounts.
Several Tibetan organizations were targeted in a cyber-espionage campaign by a state-backed hacking group using a malicious Firefox extension designed to hijack Gmail accounts and infect victims with malware. The Chinese state hackers also infected victims with the Scanbox malware reconnaissance framework, which allowed them to harvest their targets' data and log their keystrokes.
A newly uncovered cyberattack is taking control of victims' Gmail accounts, by using a customized, malicious Mozilla Firefox browser extension called FriarFox. FriarFox gives cybercriminals various types of access to users' Gmail accounts and Firefox browser data.
Google has revealed earlier this week that Gmail users from the United States are the most popular target for email-based phishing and malware attacks. After inspecting phishing and malware campaigns blocked by Gmail within five months, Google found that 42% of all targets were from the US, with the next two most targeted users being from the UK and Japan.
Users whose personal details have been exposed by a third-party breach, Australians, older folks and those who use both desktops and mobile devices are at the highest risk of becoming the victim of a malicious email attack, according to Google and researchers from Stanford, who teamed up to determine who has the highest risk of being targeted. Users who had personal data exposed in a third-party breach were five-times more likely to be targeted by phishing or malware, according to the report, which highlights just how damaging these types of data breaches can be, even in the long run.
Google has blamed a bug in its global authentication system for last week's outage that affected Gmail, Calendar, YouTube, Meet and multiple other Google services. The 47-minute outage last Monday, which severely affected operations at workplaces and schools globally, was caused by a bug in an automated quota management system that powers the Google User ID Service.