all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Infostealers Abuse Google OAuth Endpoint to ‘Revive’ Cookies, Hijack Accounts

Add to bookmarks
Jan. 9, 2024, 4 p.m. | Team Nuspire

Security Boulevard securityboulevard.com

The exploitation of an undocumented Google OAuth endpoint, MultiLogin, by various information-stealing malware strains has raised significant concerns within the cybersecurity landscape. This critical vulnerability, discovered by security researchers following a disclosure on Telegram by a threat actor known as Prisma on Oct. 20, 2023, poses a substantial risk to user sessions and account security.  Tell me more about the ... Read More


The post Infostealers Abuse Google OAuth Endpoint to ‘Revive’ Cookies, Hijack Accounts appeared first on Nuspire. …

abuse accounts actor blog cookies critical critical vulnerability cybersecurity cybersecurity landscape disclosure endpoint exploitation google hijack information infostealers malware oauth prisma researchers revive risk security security researchers stealing telegram threat threat actor undocumented vulnerability

Visit resource

More from securityboulevard.com / Security Boulevard

USENIX Security ’23 – Beyond Typosquatting: An In-depth Look at Package Confusion 18 hours ago | securityboulevard.com
access authors beyond conference +19
Breaking Down Cybersecurity: The Real Meaning Behind the Jargon 23 hours ago | securityboulevard.com
authenticity availability breaking cia +19
What is General Data Protection Regulation Act (GDPR)? 1 day, 1 hour ago | securityboulevard.com
act adoption center challenges +32
Cloud Monitor Automation Improves K-12 Cybersecurity Training & Awareness 1 day, 11 hours ago | securityboulevard.com
automation awareness chief cloud +28
USENIX Security ’23 – UVSCAN: Detecting Third-Party Component Usage Violations in IoT Firmware 1 day, 14 hours ago | securityboulevard.com
access authors conference events +15
Local Privilege Escalation Vulnerability in Ant Media Server (CVE-2024-32656) 1 day, 15 hours ago | securityboulevard.com
ant application customers cve +21
Understanding Cybersecurity Vulnerabilities 1 day, 16 hours ago | securityboulevard.com
advice attacks can cybersecurity +12
Bridging the Gap: Uniting Development and AppSec 1 day, 17 hours ago | securityboulevard.com
application security appsec aspm bridging the gap +20
Open-Source Software Security 1 day, 18 hours ago | securityboulevard.com
blog blog post cloud cloud-native +14

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Associate Principal Security Engineer

@ Activision Blizzard | Work from Home - CA
View on infosec-jobs.com

Security Engineer- Systems Integration

@ Meta | Bellevue, WA | Menlo Park, CA | New York City
View on infosec-jobs.com

Lead Security Engineer (Digital Forensic and IR Analyst)

@ Blue Yonder | Hyderabad
View on infosec-jobs.com

Senior Principal IAM Engineering Program Manager Cybersecurity

@ Providence | Redmond, WA, United States
View on infosec-jobs.com

Information Security Analyst II or III

@ Entergy | The Woodlands, Texas, United States
View on infosec-jobs.com
View more jobs