Google Warns How Hackers Could Abuse Calendar Service as a Covert C2 Channel

By Newsroom

Google is warning of multiple threat actors sharing a public proof-of-concept (PoC) exploit that leverages its Calendar service to host command-and-control (C2) infrastructure. The tool, called Google Calendar RAT (GCR), employs Google Calendar Events for C2 using a Gmail account. It was first published to GitHub in June 2023. "The script creates a 'Covert Channel' by exploiting the event

Related tags
November 6^th 2023 at 08:25

The Hacker News
Alert: PoC Exploits Released for Citrix and VMware Vulnerabilities
October 25^th 2023 at 04:47

Alert: PoC Exploits Released for Citrix and VMware Vulnerabilities

By Newsroom

Virtualization services provider VMware has alerted customers to the existence of a proof-of-concept (PoC) exploit for a recently patched security flaw in Aria Operations for Logs. Tracked as CVE-2023-34051 (CVSS score: 8.1), the high-severity vulnerability relates to a case of authentication bypass that could lead to remote code execution. "An unauthenticated, malicious actor can inject files

Related tags
October 25^th 2023 at 04:47