Security News

Researchers have uncovered a threat group launching surveillance campaigns that target victims' personal device data, browser credentials and Telegram messaging application files. One notable tool in the group's arsenal is an Android malware that collects all two-factor authentication security codes sent to devices, sniffs out Telegram credentials and launches Google account phishing attacks.

Nylas announced a strategic partnership with Leviathan Security Group, an Information Security and Risk Management consulting firm. This partnership will provide developers around the world with a simplified certification process for any application that accesses Gmail data.

An updated version of the ComRAT malware that Russia-linked cyber-espionage threat actor Turla has been using in recent attacks can connect to Gmail to receive commands, ESET reports. One of the oldest malware families used by the group, ComRAT was used to target the US military in 2008 and saw two major versions released until 2012, both derived from the same code base.

Cybersecurity researchers today uncovered a new advanced version of ComRAT backdoor, one of the earliest known backdoors used by the Turla APT group, that leverages Gmail's web interface to covertly receive commands and exfiltrate sensitive data. The ComRAT v4, as the new successor is called, uses an entirely new code base and is far more complex than its earlier variants, according to ESET. The firm said the first known sample of the malware was detected in April 2017.

Cybersecurity researchers today uncovered a new advanced version of ComRAT backdoor, one of the earliest known backdoors used by the Turla APT group, that leverages Gmail's web interface to covertly receive commands and exfiltrate sensitive data. The ComRAT v4, as the new successor is called, uses an entirely new code base and is far more complex than its earlier variants, according to ESET. The firm said the first known sample of the malware was detected in April 2017.

New scanning capabilities that Google rolled out to Gmail have resulted in an increased overall detection rate of malicious documents. Of the detected malicious documents, 63% differ from day to day, and the Internet search giant has deployed a new generation of document scanners to improve its detection capabilities via deep learning.

A researcher has earned $5,000 from Google for an interesting cross-site scripting (XSS) vulnerability found in the dynamic email feature added a few months ago to Gmail. read more

The bug was fixed at least a month ago so users receiving dynamic email content have one less thing to worry about.

Kaspersky fingers pro-G filters for letting cyber-muck through Spammers are abusing the preferential treatment Google affords its own apps to score free passes through Gmail's spam filters, it was...

Google announced that on 25 June 2019, Gmail's confidential mode will be switched on by default as the feature becomes generally available.