Fortinet CVE and Data Breach in ONE WEEK – ThreatWire

Summary: The video discusses ongoing security issues related to Google Ads, where users are being targeted by phishing scams that lead to credential harvesting. It highlights the role of specific malicious actors and recent sanctions imposed by the US government against certain individuals and organizations involved in cyber crimes.

Keypoints:

  • The presence of phishing ads within Google Ads is a significant issue, with users being targeted for credential theft.
  • Google Ads does not display the final URL, enabling malicious actors to create deceptive ads that redirect users to phishing sites.
  • Hackers utilize Google creation domains to host phishing websites, impersonating legitimate services like Homebrew.
  • Recent analysis indicates two main groups involved in this phishing scheme, one based in Brazil and another in Hong Kong.
  • US government departments are tightening security in response to the rise in cyber threats, especially after a high-profile hack in late 2024.
  • Sanctions have been placed on individuals and companies linked to significant breaches, specifically targeting threats connected to the People’s Republic of China.
  • The video outlines severe vulnerabilities in Fortinet products that have been assigned a high CVSS score and provides guidance on necessary updates.
  • A hacking group, known as “Belsen Group,” has leaked sensitive data from more than 15,000 Fortinet instances, claiming that it includes both governmental and private sector information.
  • Discussions regarding live streaming and potential frequency of ThreatWire episodes are mentioned in the video.

YouTube Video: https://www.youtube.com/watch?v=sEeupeGTI_0
YouTube Channel: Hak5
Video Published: Wed, 22 Jan 2025 17:01:07 +0000