Summary: <br> Google fixes a major phishing attack, 2FA via text is still broken, and a remote code execution vulnerability has been reported to microsoft. All that coming up now on Threat Wire.<br> <br> -------------------------------<br> Shop: <a href="http://www.hakshop.com">http://www.hakshop.com</a> <br> Support: <a href="http://www.patreon.com/threatwire">http://www.patreon.com/threatwire</a> <br> Subscribe: <a href="http://www.youtube.com/hak5">http://www.youtube.com/hak5</a> <br> Our Site: <a href="http://www.hak5.org">http://www.hak5.org</a> <br> Contact Us: <a href="http://www.twitter.com/hak5">http://www.twitter.com/hak5</a> <br> Threat Wire RSS: <a href="https://shannonmorse.podbean.com/feed/">https://shannonmorse.podbean.com/feed/</a> <br> Threat Wire iTunes: <a href="https://itunes.apple.com/us/podcast/threat-wire/id1197048999">https://itunes.apple.com/us/podcast/threat-wire/id1197048999</a> <br> Help us with Translations! <a href="http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ">http://www.youtube.com/timedtext_cs_panel?tab=2&c=UC3s0BtrBJpwNDaflRSoiieQ</a> <br> ------------------------------<br> Links:<br> Big thanks to Jeffrey for this week’s Patreon Pick!<br> <a href="https://www.theregister.co.uk/AMP/2017/05/03/hackers_fire_up_ss7_flaw/?utm_content=bufferf297f&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer">https://www.theregister.co.uk/AMP/2017/05/03/hackers_fire_up_ss7_flaw/?utm_content=bufferf297f&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer</a> <br> <a href="https://www.theregister.co.uk/2017/03/30/fcc_must_act_on_ss7/">https://www.theregister.co.uk/2017/03/30/fcc_must_act_on_ss7/</a> <br> <a href="https://thehackernews.com/2017/05/ss7-vulnerability-bank-hacking.html">https://thehackernews.com/2017/05/ss7-vulnerability-bank-hacking.html</a> <br> <a href="https://arstechnica.com/security/2017/05/thieves-drain-2fa-protected-bank-accounts-by-abusing-ss7-routing-protocol/">https://arstechnica.com/security/2017/05/thieves-drain-2fa-protected-bank-accounts-by-abusing-ss7-routing-protocol/</a> <br> <a href="https://motherboard.vice.com/en_us/article/we-were-warned-about-flaws-in-the-mobile-data-backbone-for-years-now-2fa-is-screwed">https://motherboard.vice.com/en_us/article/we-were-warned-about-flaws-in-the-mobile-data-backbone-for-years-now-2fa-is-screwed</a> <br> <a href="https://thehackernews.com/2017/05/google-docs-phishing-email.html">https://thehackernews.com/2017/05/google-docs-phishing-email.html</a> <br> <a href="https://arstechnica.com/security/2017/05/google-phishing-attack-was-foretold-by-researchers-and-it-may-have-used-their-code/">https://arstechnica.com/security/2017/05/google-phishing-attack-was-foretold-by-researchers-and-it-may-have-used-their-code/</a> <br> <a href="https://arstechnica.com/security/2017/05/google-docs-phish-worm-grabs-your-google-app-permissions-contacts/">https://arstechnica.com/security/2017/05/google-docs-phish-worm-grabs-your-google-app-permissions-contacts/</a> <br> <a href="https://www.cnet.com/news/google-doc-phishing-scam/">https://www.cnet.com/news/google-doc-phishing-scam/</a> <br> <a href="https://motherboard.vice.com/en_us/article/that-twitter-account-claiming-the-google-docs-attack-was-research-is-dodgy-as-hell">https://motherboard.vice.com/en_us/article/that-twitter-account-claiming-the-google-docs-attack-was-research-is-dodgy-as-hell</a> <br> <a href="https://motherboard.vice.com/en_us/article/massive-gmail-google-doc-phishing-email">https://motherboard.vice.com/en_us/article/massive-gmail-google-doc-phishing-email</a> <br> <a href="https://threatpost.com/1-million-gmail-users-impacted-by-google-docs-phishing-attack/125436/">https://threatpost.com/1-million-gmail-users-impacted-by-google-docs-phishing-attack/125436/</a> <br> <a href="https://thehackernews.com/2017/05/windows-rce-exploit.html">https://thehackernews.com/2017/05/windows-rce-exploit.html</a> <br>
