Google Apps Script Flaw Exploitable Resulting in Malware
Proofpoint in one fresh investigation outlines existing challenges to cyber security that are inbuilt to companies' offerings of SaaS (Software-as-a-Service). One instance is of security flaw found within Google Apps Script which could let cyber attackers to pull down malicious software through Google Drive websites onto their victims' PCs.
The IDC explains that SaaS applications are first type of cloud computing within business organizations, taking into its fold almost 66% of the entire general cloud expenditure, last year. The implication is that they're as well an extremely good medium for hackers seeking novel methods for distributing malicious software that help steal credentials, writes security research chief Maor Bin for threat systems products of Proofpoint.
The security flaw, a discovery of Proofpoint, is exploitable wherein con artists could utilize it for installing malicious software on a device, albeit the kind of attack hasn't still occurred.
At the foremost, malware executables are uploaded onto Google Drive that hackers may link for public use. After that the attackers distribute one Google Doc connected with the malicious software to target victims while present a message persuading them towards viewing that doc.
Cyber miscreants could exploit the vulnerability in Google Apps Script for serving malware onto their victims' machines. Proofpoint states it doesn't know about attackers who may've actively exploited the Google Apps Script flaw.
Conclusively, utilizing one SaaS app, for instance Google Drive, helps give a completely novel attack area which both consumers and businesses alike require guarding from. Being more-or-less new, many mayn't know about potential danger in a Google document. Moreover, as hackers find it much easier assembling SaaS application assaults in comparison to assaults using macros, it perhaps implies the current technique would get employed more often later while proliferate to Box, G-Suite and Office 365 from Google Drive.
» SPAMfighter News - 1/10/2018
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!