{"id":16751,"date":"2017-05-03T18:37:40","date_gmt":"2017-05-03T23:37:40","guid":{"rendered":"http:\/\/bucktownbell.com\/?p=16751"},"modified":"2017-05-03T18:37:40","modified_gmt":"2017-05-03T23:37:40","slug":"oauth-phishing-against-google-docs-beware","status":"publish","type":"post","link":"http:\/\/bucktownbell.com\/?p=16751","title":{"rendered":"OAUTH phishing against Google Docs ? beware!"},"content":{"rendered":"<blockquote><p>As you can see, it appears as Google Docs wants full access to my Gmail as well as my contacts. Of course, this is not real Google Docs \u2013 the attacker has simply named his \u201capplication\u201d Google Docs \u2013 this can be verified by clicking on the Google Docs text where the real web site behind this and developer info is shown:<\/p><\/blockquote>\n<p>Source: <em><a href=\"https:\/\/isc.sans.edu\/diary.html\">InfoSec Handlers Diary Blog &#8211; OAUTH phishing against Google Docs ? beware!<\/a><\/em><\/p>\n<blockquote><p>Finally, if you accidentally clicked on &#8220;Allow&#8221;, go to\u00a0<a href=\"https:\/\/myaccount.google.com\/u\/0\/permissions?pli=1\">https:\/\/myaccount.google.com\/u\/0\/permissions?pli=1<\/a> to revoke permissions.<\/p><\/blockquote>\n","protected":false},"excerpt":{"rendered":"<p>As you can see, it appears as Google Docs wants full access to my Gmail as well as my contacts. Of course, this is not real Google Docs \u2013 the attacker has simply named his \u201capplication\u201d Google Docs \u2013 this &hellip; <a href=\"http:\/\/bucktownbell.com\/?p=16751\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1121],"tags":[1125,423,1169],"class_list":["post-16751","post","type-post","status-publish","format-standard","hentry","category-current-events","tag-exploit-vector","tag-google","tag-phishing"],"_links":{"self":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts\/16751","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=16751"}],"version-history":[{"count":1,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts\/16751\/revisions"}],"predecessor-version":[{"id":16752,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts\/16751\/revisions\/16752"}],"wp:attachment":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=16751"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=16751"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=16751"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}