CyberWire Daily

The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.

https://thecyberwire.com/podcasts/daily-podcast

subscribe
share






episode 171: Attackers (ab)using Google Chrome. [Research Saturday]


Guest Bojan Zdrnja of Infigo IS and a certified instructor at SANS Institute shares an incident he discovered where attackers were using a pretty novel way of exfiltrating data and using that channel for C&C communication. The code that was acquired was only partially recovered, but enough to indicate powerful features that the attackers were (ab)using in Google Chrome. The basis for this attack were malicious extensions that the attacker dropped on the compromised system.

The research can be found here:

  • Abusing Google Chrome extension syncing for data exfiltration and C&C

Learn more about your ad choices. Visit megaphone.fm/adchoices


fyyd: Podcast Search Engine
share








 February 20, 2021  19m