logo
episode-header-image
Aug 2023
17m 7s

Google's not being ghosted from vulnerab...

N2K Networks
About this episode

Tal Skverer from Astrix Security joins to discuss their work on "GhostToken – Exploiting GCP application infrastructure to create invisible, unremovable trojan app on Google accounts." Astrix’s Security Research Group revealed a 0-day flaw in Google’s Cloud Platform (GCP) on June 19, 2022, which was found to affect all Google users.

The research states "The vulnerability, dubbed “GhostToken”, could allow threat actors to change a malicious application to be invisible and unremovable, effectively leaving the victim’s Google account infected with a trojan app forever." Google issued a patch to this vulnerability in April of this year, but researchers explain why this can be severe.

The research can be found here:

Learn more about your ad choices. Visit megaphone.fm/adchoices

Up next
Today
MK Palmore: Lead from where you stand. [CISO] [Career Notes]
Please enjoy this encore of Career Notes. Director of Google Cloud's Office of the CISO, MK Palmore, dedicated much of his life to public service and now brings his experience working for the greater good to the private sector. A graduate of the US Naval Academy, including the Na ... Show More
9m 10s
Today
Click here to steal. [Research Saturday]
Today we are joined by ⁠Selena Larson⁠, Threat Researcher at ⁠Proofpoint⁠, and co-host of ⁠Only Malware in the Building⁠, as she discusses their work on "Amatera Stealer - Rebranded ACR Stealer With Improved Evasion, Sophistication." Proofpoint researchers have identified Amatera ... Show More
28m 11s
Yesterday
Behind the firewall, trouble brews.
Fortinet patches a critical flaw in its FortiWeb web application firewall. Hackers are exploiting a critical vulnerability in Wing FTP Server. U.S. Cyber Command’s fiscal 2026 budget includes a new AI project. Czechia’s cybersecurity agency has issued a formal warning about Chine ... Show More
31m 49s
Recommended Episodes
Aug 2018
Ep 19: Operation Aurora
In 2009, around Christmas time, something terrible was lurking in the network at Google. Google is the most popular website on the Internet. It’s so popular many people just think Google is the Internet. Google hires many of the most talented minds and has been online since the 9 ... Show More
28m 29s
Feb 2021
Mon. 02/01 – Google Deadpools The Pixel Slate
It’s a day ending in -a-y, so that must mean Google discontinued another flagship product. Microsoft reports that its next growth industry is cybersecurity. Ring has basically doubled the amount of police and fire departments that can request access your doorbell videos. And what ... Show More
18m 1s
Mar 2022
Google récupère-t-il vos SMS sans le dire ?
Après les polémiques sur son utilisation des cookies et des trackers pour mieux identifier ses utilisateurs, Google se retrouve à nouveau dans la tourmente concernant son traitement des données personnelles. En clair, les applications Messages et Téléphone de Googles enregistrera ... Show More
2m 26s
May 2023
Wed. 05/03 – How A Pixies Song Broke Google Assistant
Google releases a new feature to put another nail in the password coffin. Malware merchants are using generative AI. A deep dive into what Bluesky is like right now. The best explainer of quantum computing I’ve ever seen. And how a Pixies song is breaking Google assistant and mak ... Show More
16m 38s
Sep 2023
TWiG 732: Unidentified Flying Skellington - New Android Branding, Twitter Spy
Britain Admits Defeat in Controversial Online Safety Bill When Tech Says "No" Apple Backs Down on Its Controversial Photo-Scanning Plans The FBI secretly launched an encrypted messaging system for criminals Former Twitter Employees Charged With Spying for Saudi Arabia Jeff Jarvis ... Show More
2h 14m
Listen to millions of songs and podcasts on Anghami