Tag: google
-
13 Produkt-Highlights der Black Hat USA
Tags: access, ai, api, application-security, business, chatgpt, cisco, cloud, compliance, credentials, crowdstrike, cybersecurity, data, detection, google, governance, Hardware, identity, leak, LLM, malware, marketplace, microsoft, monitoring, network, openai, phishing, risk, saas, service, soc, threat, tool, usa, vulnerability, zero-trustDas Mandalay Bay Convention Center wird zur Black Hat USA zum Cybersecurity-Hub 2025 lag der Fokus dabei insbesondere auf Agentic und Generative AI.Zur Black-Hat-Konferenz haben sich auch 2025 Tausende von Sicherheitsexperten in Las Vegas zusammengefunden, um sich über die neuesten Entwicklungen im Bereich Cybersecurity zu informieren und auszutauschen. Der thematische Fokus lag dabei in erster…
-
Black Hat 2025 Recap: A look at new offerings announced at the show
Tags: access, ai, api, application-security, automation, chatgpt, cisco, cloud, compliance, control, crowdstrike, dark-web, data, detection, google, governance, group, identity, intelligence, LLM, malware, microsoft, monitoring, network, openai, password, risk, saas, service, soc, software, threat, tool, vulnerability, zero-trustSnyk secures AI from inception: Snyk’s new platform capability, Secure at Inception, includes real-time security scanning that begins at the moment of code generation or execution. It offers visibility into generative AI, agentic, and model context protocol (MCP) components in software, and also features a new, experimental scanner for detecting AI-specific MCP vulnerabilities.Secure AI Inception…
-
Verdächtiger Google Konto-Zugriff: Liegt es am Google Remote Desktop?
Ich stelle mal eine Beobachtung im Blog ein, die ein Leser gemacht hat. Auf sein Google-Konto wurden ungewöhnliche Aktivitäten festgestellt und es erfolgte eine Abmeldung. Der Fall wirft Fragen auf, weil es ein Gerät war, bei dem kürzlich der Google … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/08/08/verdaechtiger-google-zugriff-liegt-es-am-google-remote-desktop/
-
Google discovered a new scam”, and also fell victim to it
Tags: googleDisclosure comes two months after Google warned the world of ongoing spree. First seen on arstechnica.com Jump to article: arstechnica.com/information-technology/2025/08/google-sales-data-breached-in-the-same-scam-it-discovered/
-
Google Breached, What We Know, What They’re Saying
GOOG CRM PII AWOL: ‘ShinyHunters’ group hacked big-G and stole a load of customer data from a Salesforce cloud instance. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/google-breach-salesforce-shinyhunters/
-
Payback: ‘ShinyHunters’ Clocks Google via Salesforce
In 2024, it was Snowflake. In 2025, it’s Salesforce. ShinyHunters is back, with low-tech hacks that nonetheless manage to bring down international megaliths like Google, Cisco, and Adidas. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/payback-shinyhunters-google-salesforce
-
Google Confirms Salesforce Data Breach by ShinyHunters via Vishing Scam
Google confirms a data breach by ShinyHunters hackers, who used a vishing scam to access a Salesforce database with small business customer info. First seen on hackread.com Jump to article: hackread.com/google-salesforce-data-breach-shinyhunters-vishing-scam/
-
Forrester und Google – Unternehmen kämpfen mit fehlenden Threat-Analysten
First seen on security-insider.de Jump to article: www.security-insider.de/fachkraeftemangel-deutsche-unternehmen-ki-loesung-a-729abdfeaed20cac7acd89a016aa8313/
-
Google Among Victims in Ongoing Salesforce Data Theft Campaign
Google confirms it was among the victims of an ongoing data theft campaign targeting Salesforce instances, where publicly available business names and contact details were retrieved by the threat actor First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/google-salesforce-data-theft/
-
Gemini AI Exploited via Google Invite Prompt Injection to Steal Sensitive User Data
Security researchers have discovered a series of critical vulnerabilities in Google’s Gemini AI assistant that allow attackers to exploit the system through seemingly innocent Google Calendar invitations and emails, potentially compromising users’ sensitive data and even controlling their smart home devices. The groundbreaking research reveals a new class of threats called >>Targeted Promptware Attacks,
-
‘We too were breached,’ says Google, months after revealing Salesforce attacks
Attackers may have claimed a Google breach, too: GTIG had also disclosed extortion activities related to UNC6040 intrusions, sometimes carried out several months after the initial data theft, by another threat group, UNC6240, which identified themselves as the notorious BreachForums admin ‘ShinyHunters’.At the time, the GTIG team had presumed the claim to be a stunt…
-
New Promptware Attack Hijacks User’s Gemini AI Via Google Calendar Invite
Cybersecurity researchers demonstrate a new attack on Google Gemini AI for Workspace. Discover how a simple calendar invite can be used to perform phishing, steal emails, and even control home appliances. First seen on hackread.com Jump to article: hackread.com/promptware-attack-hijack-gemini-ai-google-calendar-invite/
-
Smart Home mit Google Gemini: Fremde Jalousien per Kalendereinladung gesteuert
Forscher haben Googles Gemini per Prompt-Injection bösartige Befehle untergejubelt. Die KI steuerte daraufhin Jalousien, Beleuchtung und einen Boiler. First seen on golem.de Jump to article: www.golem.de/news/per-kalendereinladung-wie-hacker-ueber-google-ki-smart-home-geraete-steuern-konnten-2508-198909.html
-
Trotz Warnung: Cybergang klaut Daten aus Salesforce-Instanz von Google
Tags: googleEine laufende Vishing-Angriffswelle hat nun auch Google erfasst. Dabei hatte der Konzern erst vor wenigen Wochen selbst davor gewarnt. First seen on golem.de Jump to article: www.golem.de/news/trotz-warnung-cybergang-klaut-daten-aus-salesforce-instanz-von-google-2508-198904.html
-
A Single Poisoned Document Could Leak ‘Secret’ Data Via ChatGPT
Security researchers found a weakness in OpenAI’s Connectors, which let you hook up ChatGPT to other services, that allowed them to extract data from a Google Drive without any user interaction. First seen on wired.com Jump to article: www.wired.com/story/poisoned-document-could-leak-secret-data-chatgpt/
-
Chinese Groups Stole 115 Million US Cards in 16-Month Smishing Campaign
A SecAlliance report reveals Chinese smishing syndicates compromised 115M US payment cards by bypassing MFA to exploit Apple Pay and Google Wallet. First seen on hackread.com Jump to article: hackread.com/chinese-stole-115-million-us-cards-smishing-campaign/
-
The AI Security Dilemma: Navigating the High-Stakes World of Cloud AI
Tags: access, ai, attack, cloud, container, control, credentials, cve, data, data-breach, flaw, google, identity, infrastructure, intelligence, least-privilege, microsoft, risk, service, software, tool, training, vulnerability, vulnerability-managementAI presents an incredible opportunity for organizations even as it expands the attack surface in new and complex ways. For security leaders, the goal isn’t to stop AI adoption but to enable it securely. Artificial Intelligence is no longer on the horizon; it’s here, and it’s being built and deployed in the cloud at a…
-
Fake VPN and Spam Blocker Apps Tied to VexTrio Used in Ad Fraud, Subscription Scams
The malicious ad tech purveyor known as VexTrio Viper has been observed developing several malicious apps that have been published on Apple and Google’s official app storefronts under the guise of seemingly useful applications.These apps masquerade as VPNs, device “monitoring” apps, RAM cleaners, dating services, and spam blockers, DNS threat intelligence firm Infoblox said in…
-
Mustang Panda Targets Windows Users with ToneShell Malware Disguised as Google Chrome
The China-aligned threat actor Mustang Panda, also known as Earth Preta, HIVE0154, RedDelta, and Bronze President, has been deploying the ToneShell backdoor against Windows users, primarily targeting government and military entities in the Asia-Pacific and Europe. Active since at least 2012, the group leverages spear-phishing emails with military-themed lures to deliver malicious archives, such as…
-
Google Gemini AI Bot Hijacks Smart Homes, Turns Off the Lights
Using invisible prompts, the attacks demonstrate a physical risk that could soon become reality as the world increasingly becomes more interconnected with artificial intelligence. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/google-gemini-ai-bot-hijacks-smart-homes
-
Google says the group behind last year’s Snowflake attack slurped data from one of its Salesforce instances
ShinyHunters suspected in rash of intrusions First seen on theregister.com Jump to article: www.theregister.com/2025/08/06/google_salesforce_attacks/
-
Google agrees to pause AI workloads to protect the grid when power demand spikes
On hot summer days, air conditioning is rather more important than search summaries First seen on theregister.com Jump to article: www.theregister.com/2025/08/04/google_ai_datacenter_grid/
-
5 Things To Know On Salesforce Data Theft Attacks
A wave of data-theft attacks against Salesforce CRM customers have now compromised Google in addition to numerous other major companies. First seen on crn.com Jump to article: www.crn.com/news/security/2025/5-things-to-know-on-salesforce-data-theft-attacks
-
Top 5 Google Authenticator Alternatives
Tags: googleLooking for an alternative to Google Authenticator? Here’s our comprehensive list covering the top competitors and alternatives to help you find your best fit. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/top-google-authenticator-alternatives/
-
Android gets patches for Qualcomm flaws exploited in attacks
Google has released security patches for six vulnerabilities in Android’s August 2025 security update, including two Qualcomm flaws exploited in targeted attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/android-gets-patches-for-qualcomm-flaws-exploited-in-attacks/
-
Google addresses six vulnerabilities in August’s Android security update
Android partners and customers have experienced a temporary respite from double-digit vulnerabilities this summer. Google issued no security patches in its update last month. First seen on cyberscoop.com Jump to article: cyberscoop.com/android-security-update-august-2025/