all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Ghosttoken – Zero-Day Flaw Lets Attackers Gain Access to Google Accounts

Add to bookmarks
April 25, 2023, 7:02 a.m. | Guru

Cyber Security News cybersecuritynews.com

Astrix’s Security Research Group reported a 0-day flow in the Google Cloud Platform (GCP) related to an OAuth flow exploitation. This method was termed “Ghosttoken.”  Exploiting this flaw is done through a malicious application, which can lead threat actors to gain access to the victim’s Google account forever. One of the most important and scary […]


The post Ghosttoken – Zero-Day Flaw Lets Attackers Gain Access to Google Accounts appeared first on Cyber Security News.

access account accounts application attackers cloud cloud platform cyber cyber security exploitation exploiting flaw flow gcp google google account google accounts google cloud google cloud platform important malicious malicious application oauth platform research scary security security research threat threat actors victim vulnerability zero-day zero-day flaw

Visit resource

More from cybersecuritynews.com / Cyber Security News

Investigating Two TeamCity Authentication Bypass Vulnerabilities 4 hours ago | cybersecuritynews.com
access account account takeovers array +29
Threat Actors Claiming of 0-Day Vulnerability in Zyxel VPN Device 6 hours ago | cybersecuritynews.com
0-day vulnerability access attackers claim +18
Muddling Meerkat Using DNS As A Powerful Weapon For Sophistication 7 hours ago | cybersecuritynews.com
actor attacks china chinese +32
Pathfinder – New Attack Steals Sensitive Data From Modern Processors 7 hours ago | cybersecuritynews.com
analysts attack attacks building +25
Beware of New Android Trojan That Executes Malicious Commands on Your Phone 8 hours ago | cybersecuritynews.com
android android malware android trojan backdoor +14
Authorities Seized Platform Used For Paid DDoS 9 hours ago | cybersecuritynews.com
agency april center collaboration +16
Ex-Infosec Designer Sentenced to Over 21 Years in Prison 10 hours ago | cybersecuritynews.com
agent classified colorado cyber security +18
Safari is Not So Private! Safari Flaw Exposing EU iPhone Users to Trackers 10 hours ago | cybersecuritynews.com
app apple apps browser +18
New U.K. Law Bans Default Passwords Like ‘1234’ On Smart Devices 10 hours ago | cybersecuritynews.com
bans consumers cyber cyber security +17

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineer - Vulnerability Management

@ Starling Bank | Southampton, England, United Kingdom
View on infosec-jobs.com

Manager Cybersecurity

@ Sia Partners | Rotterdam, Netherlands
View on infosec-jobs.com

Compliance Analyst

@ SiteMinder | Manila
View on infosec-jobs.com

Information System Security Engineer (ISSE)-Level 3, OS&CI Job #447

@ Allen Integrated Solutions | Chantilly, Virginia, United States
View on infosec-jobs.com

Enterprise Cyber Security Analyst – Advisory and Consulting

@ Ford Motor Company | Mexico City, MEX, Mexico
View on infosec-jobs.com
View more jobs