Actively exploited open redirect in Google Web Light
· β˜• 9 min read
An open redirect vulnerability exists in the remains of Google Web Light service, which is being actively exploited in multiple phishing campaigns. Google decided not to fix it, so it might be advisable to block access to the Web Light domain in corporate environments...

SANS ISC Diary - A new spin on the ZeroFont phishing technique
· β˜• 1 min read
A new Diary of mine was published today on the SANS Internet Storm Center website. In this one, we’ll take a look at a novel phishing technique, in which text written in zero-size font is used in order to make messages appear more trustworthy…