Hackers exploit Google Docs in new phishing campaign
Tech Republic Security
JANUARY 6, 2022
Attackers are taking advantage of the comment feature in Google Docs to send people emails with malicious links, says Avanan.
This site uses cookies to improve your experience. By viewing our content, you are accepting the use of cookies. To help us insure we adhere to various privacy regulations, please select your country/region of residence. If you do not select a country we will assume you are from the United States. View our privacy policy and terms of use.
Tech Republic Security
JANUARY 6, 2022
Attackers are taking advantage of the comment feature in Google Docs to send people emails with malicious links, says Avanan.
Security Boulevard
FEBRUARY 7, 2024
Recently, we’ve noticed a significant increase in Google Docs phishing scams. In one example, a school district that was doing a free security audit with us uncovered a file containing phishing links being shared into […] The post Product Highlight | Google Docs Phishing Scam Alert appeared first on ManagedMethods.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Security Boulevard
JANUARY 7, 2022
The post ‘Massive Wave’ of Hackers Exploiting Comments in Google Docs appeared first on Security Boulevard.
Security Affairs
JANUARY 6, 2022
Experts warn of a new phishing technique that abuses the commenting feature of Google Docs to send out emails that appear from a legitimate source. Threat actors added a comment to a Google Doc that refers to the target with an ‘@’ to automatically send a message that comes from Google. Pierluigi Paganini.
CyberSecurity Insiders
JANUARY 11, 2022
Are you a user of Google Documents aka Google Docs? The post Hack caused by a single click on Google Docs appeared first on Cybersecurity Insiders. Then you might have become a victim to a spear-phishing scam that steals people’s login credentials.
Dark Reading
JANUARY 6, 2022
Attackers use the comment feature in Google Docs to email victims and lure them into clicking malicious links.
The State of Security
JANUARY 7, 2022
Security researchers say they have seen a "massive wave" of hackers exploiting the comment feature in Google Docs to spread malicious content into the inboxes of unsuspecting targeted users. Read more in my article on the Tripwire State of Security blog.
Security Boulevard
FEBRUARY 9, 2023
We are pleased to announce the launch of our new and improved Axio Docs Portal! Read More The post Now Live: Axio Docs Portal appeared first on Axio. The post Now Live: Axio Docs Portal appeared first on Security Boulevard.
Bleeping Computer
JANUARY 6, 2022
A new trend in phishing attacks emerged in December 2021, with threat actors abusing the commenting feature of Google Docs to send out emails that appear trustworthy. [.].
Security Boulevard
JANUARY 7, 2022
Security researchers say they have seen a “massive wave” of malicious hackers exploiting the comment feature in Google Docs to spread malicious content into the inboxes of unsuspecting targeted users. The post Attack Misuses Google Docs Comments to Spew Out “Massive Wave” of Malicious Links appeared first on The State of Security.
Malwarebytes
MARCH 8, 2022
One such Google Docs revamp is the “tag tool” which fetches lists of recommended people. Around October 2020, spam messages via Google Docs came to light. It’s worth noting this behaviour wasn’t just restricted to Docs; other apps like Slides were affected too. So far, so good. Specifically: the comments feature.
Bleeping Computer
MAY 5, 2022
A bug in Google Docs is causing it to crash when a series of words are typed into a document opened with the online word processor. BleepingComputer was able to reproduce the issue last night and reached out to Google. [.].
Security Boulevard
JUNE 28, 2022
pushes ransomware direct from Office docs appeared first on Security Boulevard. Links between the two campaigns include shared code and campaign markers, while a Monero wallet address listed for ransom payment is tied to the Chaos Ransomware gang. The post Smash-and-grab: AstraLocker 2.0
Security Affairs
DECEMBER 30, 2020
Google has addressed a bug in its feedback tool incorporated across its services that could have allowed attackers to view users’ private docs. ” He explained that an attacker could modify the frame to an arbitrary, external website, to steal Google Docs screenshots. Luckily Google docs didn’t have one.”
Heimadal Security
SEPTEMBER 6, 2021
The post Windows 11 Alpha-Themed Docs Are Used to Deliver a New Malware appeared first on Heimdal Security Blog. The cybercriminals inserted macro code into Microsoft Documents. This malicious code downloads a JavaScript backdoor allowing the attacker to deliver any payload they […].
Security Boulevard
MAY 16, 2023
The post COURT DOC: Ransomware Charges Unsealed Against Russian National appeared first on Flashpoint. The post COURT DOC: Ransomware Charges Unsealed Against Russian National appeared first on Security Boulevard.
Heimadal Security
JANUARY 7, 2022
In December 2021, a new tendency in phishing attempts appeared, with cybercriminals exploiting the Google Docs commenting feature to send out emails that seemed legitimate. Before that, In June, Avanan reported on an exploit in Google Docs that allowed hackers to easily deliver malicious phishing websites to end-users.
Security Boulevard
SEPTEMBER 17, 2022
The post COURT DOC: USA v. The post COURT DOC: USA v. Attorney Philip R. Sellinger and National Security Division Assistant Attorney General Matthew Olsen announced. Mansour Ahmadi, Ahmad Khatibi, Amir Hossein Nickaein Ravari appeared first on Flashpoint.
Security Boulevard
AUGUST 15, 2021
The post The Coronavirus Cyber Doc Diagnosis: Work from Home appeared first on HolistiCyber. The post The Coronavirus Cyber Doc Diagnosis: Work from Home appeared first on Security Boulevard. The giants have taken heed: Amazon, Facebook, Google, Microsoft among others have all disseminated their office workers in specific […].
Security Affairs
SEPTEMBER 1, 2019
Attackers are using Google Docs to deliver the TrickBot banking Trojan to unsuspecting victims via camouflaged as PDF documents. Security experts at Cofense uncovered a malspam campaign the leverages Google Docs to deliver the TrickBot banking Trojan to unsuspecting victims via executables camouflaged as PDF documents.
Security Affairs
SEPTEMBER 4, 2021
doc) containing a decoy image claiming to have been made with Windows 11 Alpha. The post FIN7 group leverages Windows 11 Alpha-Themed docs to drop Javascript payloads appeared first on Security Affairs. The attack chain began with a Microsoft Word document (.doc) ” concludes the experts. Pierluigi Paganini.
SC Magazine
JUNE 17, 2021
Researchers on Thursday reported that hackers are using standard tools within Google Docs/Drive to lead unsuspecting victims to fraudulent websites, stealing credentials in the process. The attacker does not need the iframe tags and only needs to copy the part with the Google Docs link. The Google campus in Mountain View, California.
Security Affairs
AUGUST 28, 2022
The post Surveillance firm’s leaked docs show the purchase of an $8M iOS RCE zero-day exploit? Many other surveillance companies made the headlines in the last months, including NSO group , Candiru , and DSIRF. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini. SecurityAffairs – hacking, surveillance).
Security Boulevard
MAY 4, 2023
The post COURT DOC: Cybercriminal Network Fueling the Global Stolen Credit Card Trade is Dismantled appeared first on Flashpoint. The post COURT DOC: Cybercriminal Network Fueling the Global Stolen Credit Card Trade is Dismantled appeared first on Security Boulevard.
SecureWorld News
MARCH 28, 2023
txt,doc,docx,pdf,xls,xlsx,ppt,pptx,jpg,png,csv,bmp,mp3,zip,rar,py,db) Extract KeyChain database (base64 encoded)" MacStealer is designed to extract iCloud Keychain data, passwords, and credit card information from Google Chrome, Mozilla Firefox, and Brave browsers.
Security Boulevard
FEBRUARY 22, 2021
The post CipherCloud Chronicles 9: Docs Journey-Reassuring Data Classification with CipherCloud appeared first on CipherCloud. The post CipherCloud Chronicles 9: Docs Journey-Reassuring Data Classification with CipherCloud appeared first on Security Boulevard.
Security Boulevard
JUNE 12, 2023
The post COURT DOC: Russian Nationals Charged With Hacking One Cryptocurrency Exchange And Illicitly Operating Another appeared first on Flashpoint. The post COURT DOC: Russian Nationals Charged With Hacking One Cryptocurrency Exchange And Illicitly Operating Another appeared first on Security Boulevard.
Security Affairs
JANUARY 24, 2021
The post Tesla sues former employee for allegedly stealing sensitive docs appeared first on Security Affairs. If you want to receive the weekly Security Affairs Newsletter for free subscribe here. Pierluigi Paganini. SecurityAffairs – hacking, Tesla).
Security Affairs
JANUARY 1, 2021
The post Alleged docs relating to Covid-19 vaccine leaked in darkweb appeared first on Security Affairs. If you want to receive the weekly Security Affairs Newsletter for free subscribe here. Pierluigi Paganini. SecurityAffairs – hacking, COVID-19 vaccine).
Bleeping Computer
JANUARY 15, 2024
In a seizure warrant application, the U.S. Secret Service sheds light on how threat actors stole $34,000 using fake antivirus renewal subscription emails. [.]
Security Affairs
JULY 9, 2021
Threat actors have devised a new trick to disable macro security warning that leverage non-malicious docs in malspam attacks. The post Hackers use a new technique in malspam attacks to disable Macro security warnings in weaponized docs appeared first on Security Affairs. ” Follow me on Twitter: @securityaffairs and Facebook.
Security Boulevard
OCTOBER 26, 2022
The post COURT DOC: USA v. The post COURT DOC: USA v. The documents allege that Sokolovsky, 26, is connected to Raccoon Infostealer, a cybercrime operation that infected millions of computers globally with malware. Mark Sokolovsky, aka “Photix”, aka “raccoonstealer”, aka “black21jack77777” appeared first on Flashpoint.
Security Affairs
OCTOBER 11, 2021
The post Improper Certificate Validation issue in LibreOffice and OpenOffice allows signed docs spoofing appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini. SecurityAffairs – hacking, OpenOffice).
Security Affairs
AUGUST 26, 2021
The post Personal Data and docs of Swiss town Rolle available on the dark web appeared first on Security Affairs. The group recently made the headlines because it is one of the ransomware gangs that are actively exploiting Windows print spooler PrintNightmare vulnerability in their attacks against Windows servers. Pierluigi Paganini.
Security Boulevard
SEPTEMBER 17, 2022
The post COURT DOC: USA v. The post COURT DOC: USA v. Attorney Philip R. Sellinger and National Security Division Assistant Attorney General Matthew Olsen announced. Mansour Ahmadi, Ahmad Khatibi, Amir Hossein Nickaein Ravari appeared first on Flashpoint.
Security Affairs
MARCH 20, 2020
The post UK printing company Doxzoo exposed US and UK military docs appeared first on Security Affairs. . ~ Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – Doxzoo, data leak).
Security Affairs
JULY 9, 2021
Threat actors have devised a new trick to disable macro security warning that leverage non-malicious docs in phishing attacks. The post Hackers use a new technique in phishing attacks to disable Macro security warnings in weaponized docs appeared first on Security Affairs. ” Follow me on Twitter: @securityaffairs and Facebook.
The Hacker News
FEBRUARY 1, 2024
Cloudflare has revealed that it was the target of a likely nation-state attack in which the threat actor leveraged stolen credentials to gain unauthorized access to its Atlassian server and ultimately access some documentation and a limited amount of source code.
Security Boulevard
MAY 9, 2023
The post COURT DOC: Justice Department Announces Court-Authorized Disruption of Snake Malware Network Controlled by Russia’s Federal Security Service appeared first on Flashpoint. Government attributes to a unit within Center 16 of the Federal Security Service of the Russian Federation (FSB).
Security Affairs
MAY 9, 2020
The post Sodinokibi gang hacked law firm of the celebrities and threatens to release the docs appeared first on Security Affairs. . ~ Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – Sodinokibi ransomware, hacking).
Security Boulevard
MARCH 16, 2023
The post COURT DOC: Justice Department Investigation Leads to Takedown of Darknet Cryptocurrency Mixer that Processed Over $3 Billion of Unlawful Transactions appeared first on Flashpoint.
Malwarebytes
JUNE 21, 2022
The post Russia’s APT28 uses fear of nuclear war to spread Follina docs in Ukraine appeared first on Malwarebytes Labs.
Security Boulevard
MARCH 17, 2023
The post COURT DOC: Two Men Charged for Breaching Federal Law Enforcement Database and Posing as Police Officers to Defraud Social Media Companies appeared first on Flashpoint. The charges stem from Singh’s and Ceraolo’s efforts to extort victims by threatening to release their personal information online.
Tech Republic Security
MAY 4, 2017
A recent phishing scam has hit Gmail users with a fraudulent Google Docs link. Here's what to look out for.
Expert insights. Personalized for you.
We have resent the email to
Are you sure you want to cancel your subscriptions?
Let's personalize your content