Google | June 02, 2020
According to Cyware, researchers at Trustwave recently discovered numerous hackers infecting users with malware by targeting them via Google's Cloud infrastructure.
By leveraging Google Cloud’s infrastructure in their campaigns, threat actors have attached Google Firebase storage URLs to various phishing emails.
Once a user clicks on the Firebase link in the email, they are directed to a fake login page that requests their login credentials.
According to Cyware, researchers at Trustwave recently discovered numerous hackers infecting users with malware by targeting them via Google's Cloud infrastructure. A number of phishing campaigns uncovered by the team of researchers found that threat actors are using Google Firebase storage URLs to dupe users into giving up their login credentials. By leveraging Google Cloud’s infrastructure in their campaigns, threat actors have attached Google Firebase storage URLs to various phishing emails. Once a user clicks on the Firebase link in the email, they are directed to a fake login page that requests their login credentials. Once an unsuspecting user has entered their credentials, she fake page shares them with the hackers.
Per Trustwave: “This phishing campaign although low in volume seems to be targeting a range of industries, as well as being detected by our spam traps. Some exemplar phishing messages used in this campaign are illustrated here. The major themes include payment invoice, upgrade email account, release pending messages, verify account, account error, change password, etc.” Trustware also observed threat actors using the coronavirus pandemic and internet banking lures to trick victims into accessing fake vendor-payment forms designed to harvest users’ login credentials. Other tactics the hackers used included Microsoft Outlook and Office 365 phishing pages that harvest corporate login credentials.
Read more: NET ONE SYSTEMS ADOPTS JUNIPER'S CONTRAIL ENTERPRISE SOLUTION TO FURTHER NETWORKING INFRASTRUCTURE
The use of cloud infrastructure is gaining popularity among cyber criminals as they are not easily flagged by security controls, Cyware explained, adding, Because of the large user base of Google cloud services, such phishing emails can often be overlooked by the security teams.
The use of cloud infrastructure is gaining popularity among cyber criminals as they are not easily flagged by security controls,” Cyware explained, adding, Because of the large user base of Google cloud services, such phishing emails can often be overlooked by the security teams. To combat such phishing attempts, individuals and tech leaders should ensure that they’re up to date on hackers’ latest endeavors. As one might imagine, the more knowledgeable a user is, the better prepared they are to avoid falling victim to nefarious phishing campaigns. Hackers have been abusing Google’s cloud computing service to redirect and intercept web and mail traffic on an array of vulnerable consumer routers.
Google Cloud’s infrastructure in their campaigns, threat actors have attached Google Firebase storage URLs to various phishing emails. Once a user clicks on the Firebase link in the email, they are directed to a fake login page that requests their login credentials.
The fraudulent emails cut through industries to take control of the Firebase’s data storage API in a Google Cloud Storage bucket and secretly keep malicious URLs in phishing emails, which then direct users to fraudulent pages. Fahim Abbasi, a researcher at Trustware, spoke about these phishing campaigns in his blog post and mentioned, while these campaigns deployed common phishing baits, the adoption of Google Firebase storage URLs made them look unique and authentic. He added, actors have taken undue advantage of Google’s reputation and cloud infrastructure to carry out phishing credential harvesting pages. Additionally, Abbasi also presented about nine examples with major themes of the phishing campaigns, which include release pending messages, payment invoice, verify account, upgrade email account, change password, account error, and several other similar to these.
Google Cloud Platform (GCP), offered by Google, is a suite of cloud computing services that runs on the same infrastructure that Google uses internally for its end-user products, such as Google Search, Gmail and YouTube. Alongside a set of management tools, it provides a series of modular cloud services including computing, data storage, data analytics and machine learning. Registration requires a credit card or bank account details. Google Cloud Platform provides infrastructure as a service, platform as a service, and serverless computing environments. In April 2008, Google announced App Engine, a platform for developing and hosting web applications in Google-managed data centers, which was the first cloud computing service from the company. The service became generally available. Since the announcement of the App Engine, Google added multiple cloud services to the platform.
Read more: COVID-19 HAS ACCELERATED THE LONG-DUE INVESTMENTS INTO DIGITAL INFRASTRUCTURE
siliconangle | September 07, 2020
In a big win for its networking business, Samsung Electronics Co. Ltd. has inked a $6.65 billion contract with Verizon Communications Inc. to supply the carrier with 5G infrastructure and related technology. Bloomberg reported on the deal Sunday evening, citing a regulatory filing submitted in South Korea. The deal is one of the largest network infrastructure contracts for Samsung to date and shows that its investments in 5G are starting to bear fruit. The company, though historically not a major player in the carrier equipment market, has been heavily investing in 5G technology over the last decade.
SiTune | July 26, 2021
SiTune, the pioneer of mmWave Antennas to Algorithms, and MixComm, the innovator of several generations of state-of-the-art RF and Mixed-signal System on a Chip, announced a partnership to create 5G mmWave reference designs. These solutions will be based on SiTune's IceWings RF transceiver and MixComm's mmWave solutions, including the newly announced SUMMIT2629 Beamformer Front End IC ECLIPSE3741 Antenna in Package.
SiTune and MixComm have both been acknowledged for creating high-performance, low-energy 5G solutions. Customers will be able to design systems that optimize performance and thermal efficiency while maintaining an optimum bill of materials and a short time to market due to this collaboration. In addition, the two firms' initial reference designs will be suitable for 5G O-RAN infrastructure such as small cells and customer premises equipment.
About SiTune Corporation
SiTune Corporation is a pioneer in developing several generations of cutting-edge RF and mixed-signal Systems on a Chip for 5G wireless transceivers and broadcast receivers. Tuners for sophisticated multi-channel TVs, Set-top Boxes, and Mobile TVs are presently available from SiTune. SiTune products are defined by their unique architecture and design, which results in reduced power consumption and better performance. SiTune is based in San Jose, California.
About MixComm Inc.
MixComm, headquartered in Chatham, New Jersey, is the leading provider of mmWave Antennas to Algorithms solutions for future wireless applications and industries. MixComm launched the first in a range of millimeter-wave devices in 2020, delivering new levels of performance and integration for 5G infrastructure and Satellite Communication. Kairos Ventures is funding the company's technology, which is based on discoveries from Dr. Krishnaswamy's CoSMIC lab at Columbia University.