The Google Cloud Platform (GCP) has recently been patched against a zero-day vulnerability called GhostToken, which allowed attackers to infect the platform to create an invisible and irrecoverable backdoor. A malicious attacker could exploit this flaw and gain access to a victim’s account.
By exploiting this flaw, he could also manipulate their data and documents within Gmail or Google Docs. As a result, the victim is completely unaware that this is taking place.
By the name GhostToken, the issue has been identified by Israeli cybersecurity startup Astrix Security. The issue affects all Google accounts, including enterprise accounts. From June 19 through June 20, 2022, this issue was discovered and reported to Google. More than nine months after the global patch was released on April 7, 2023, the company deployed a global update.
According to a recent post by Astrix Security, the GhostToken zero-day vulnerability could allow malicious apps to be installed in the target Google Cloud via the GhostToken zero-day vulnerability.
The flaw allows attackers to hide their malicious apps from the victim’s “Application Management” page in their Google Account to hide them from view by a user logged in to their Google Account. A user is unable to revoke access by doing this. This prevents them from doing so.
By doing this, it is en
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: