Malicious OAuth Apps Hide Themselves In Plain Sight - ThreatWire (AUDIO ONLY) (Patreon)

ThreatWire Totem Board - Limited Edition! - https://snubsie.com/threatwire-products/tw-totem 

Shop ThreatWire Merch on Teespring! - https://morsecode.creator-spring.com/ 

Support ThreatWire! https://www.patreon.com/shannonmorse 

Follow Shannon on Social Media: https://snubsie.com/links 

What is a double supply chain attack? Cisco routers are being hit with attacks, and hiding malicious apps from view! All that coming up now on ThreatWire.

 #threatwire #hak5

ThreatWire by Shannon Morse is a weekly news journalism show covering cybersecurity topics for network admins, information security professionals, and consumers.

Watch this on youtube: https://youtu.be/i_2mG6dLuEI

Chapters:

00:00 Double Supply Chain Attack

03:29 Cisco Routers Attacked

04:56 GhostToken

Links:Links:

https://krebsonsecurity.com/2023/04/3cx-breach-was-a-double-supply-chain-compromise/

https://www.mandiant.com/resources/blog/3cx-software-supply-chain-compromise

https://www.bleepingcomputer.com/news/security/3cx-hack-caused-by-trading-software-supply-chain-attack/

https://www.3cx.com/blog/news/security-incident-updates/

https://www.bleepingcomputer.com/news/security/critical-infrastructure-also-hit-by-supply-chain-attack-behind-3cx-breach/

https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/xtrader-3cx-supply-chain

https://www.ncsc.gov.uk/static-assets/documents/malware-analysis-reports/jaguar-tooth/NCSC-MAR-Jaguar-Tooth.pdf

https://www.ncsc.gov.uk/news/apt28-exploits-known-vulnerability-to-carry-out-reconnaissance-and-deploy-malware-on-cisco-routers

https://www.bleepingcomputer.com/news/security/us-uk-warn-of-govt-hackers-using-custom-malware-on-cisco-routers/

https://thehackernews.com/2023/04/us-and-uk-warn-of-russian-hackers.html

https://astrix.security/ghosttoken-exploiting-gcp-application-infrastructure-to-create-invisible-unremovable-trojan-app-on-google-accounts/

https://www.itnews.com.au/news/google-oauth-bug-left-accounts-open-to-permanent-compromise-593573

https://thehackernews.com/2023/04/ghosttoken-flaw-could-let-attackers.html

https://www.bleepingcomputer.com/news/security/ghosttoken-gcp-flaw-let-attackers-backdoor-google-accounts/

Hak5 -- Cyber Security Education, Inspiration, News & Community since 2005:

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Our Site → https://www.hak5.org

Shop →  http://hakshop.myshopify.com/

Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1

Support → https://www.patreon.com/threatwire

Contact Us → http://www.twitter.com/hak5

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

____________________________________________

Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.