Please login or sign up to post and edit reviews.
Google's not being ghosted from vulnerabilities. [Research Saturday] - Publication Date |
- Aug 26, 2023
- Episode Duration |
- 00:17:07
Tal Skverer from Astrix Security joins to discuss their work on "GhostToken – Exploiting GCP application infrastructure to create invisible, unremovable trojan app on Google accounts." Astrix’s Security Research Group revealed a 0-day flaw in Google’s Cloud Platform (GCP) on June 19, 2022, which was found to affect all Google users.
The research states "The vulnerability, dubbed “GhostToken”, could allow threat actors to change a malicious application to be invisible and unremovable, effectively leaving the victim’s Google account infected with a trojan app forever." Google issued a patch to this vulnerability in April of this year, but researchers explain why this can be severe.
The research can be found here:
GhostToken – Exploiting GCP application infrastructure to create invisible, unremovable trojan app on Google accounts
Learn more about your ad choices. Visit
megaphone.fm/adchoicesThis episode could use a review!
This episode could use a review! Have anything to say about it? Share your thoughts using the button below.
Submit Review