

Google OAuth abused, Japan's trading scams, hijacking with Zoom
Apr 22, 2025
A recent surge in cyber threats includes the misuse of Google OAuth in a DKIM replay attack. Japan tightens warnings as unauthorized trading scams proliferate. North Korean hackers are exploiting Zoom’s Remote Control feature for nefarious purposes. Additionally, the spotlight is on the impacts of leadership changes at CISA and Microsoft’s proactive steps to bolster security amid increasing breaches. These developments highlight the continuously evolving landscape of cybersecurity challenges.
AI Snips
Google OAuth Abuse via DKIM Replay
- Developer Nick Johnson discovered phishing emails that abuse Google OAuth by using the exact phishing message as the app name.
- This technique exploits DKIM checks on headers, allowing malicious emails to pass signature validation unnoticed.
Japan's Unauthorized Trading Surge
- Japan faces a spike in unauthorized trading worth $350 million due to stolen customer credentials.
- Phishing sites sell these credentials, which are used to sell victims' stocks and then buy Chinese stocks.
North Korean Zoom Hijacking Scam
- North Korean threat actors hijack Zoom's Remote Control feature to steal cryptocurrency.
- They use phishing invites posing as podcast calls, then request remote control to install infostealer malware.