July 26, 2024 at 03:08PM Google resolved a bug in Chrome’s Password Manager that caused user credentials to disappear for over 18 hours, affecting 2% of Windows users on Chrome 127. After fixing the issue and deploying a workaround, users were advised to restart their browser. If the fix didn’t apply, they were instructed to … Read more
May 20, 2024 at 06:16PM Google is leveraging a recent critical report of Microsoft’s security practices by the US Cyber Safety Review Board to promote its own Google Workspace suite. The report highlighted security failures and weaknesses in Microsoft’s Exchange Online. Google is offering a Secure Alternative Program with special pricing to attract organizations to … Read more
April 10, 2024 at 03:20PM Google is introducing a new Workspace feature, “multi-party approvals,” requiring multiple admins to approve high-risk setting changes to enhance security. It aims to prevent unauthorized or accidental modifications while providing a streamlined process for admins. The feature rolls out gradually over two weeks and requires activation in the Security settings. … Read more
March 1, 2024 at 04:12AM Summary: Cyber security incidents are costly, with an average data breach costing $4.35 million, and cyber attacks rose by 38% last year. To address this, Google Workspace offers a cloud-native architecture with zero-trust principles and AI-powered threat defences. A webinar on March 6 will cover preventing cyber threats, enabling safer … Read more
February 7, 2024 at 03:18PM Danish data protection authority orders 53 municipalities to stop sending student data to Google without a legal basis. They must document data processing, ensure Google complies with regulations, and limit data use to authorized purposes. The authority allows use of Google Workspace for educational services but restricts other purposes. Municipalities … Read more
December 13, 2023 at 08:30AM The US cybersecurity agency CISA has released draft guidance for federal agencies to securely use Google Workspace services. The guidance includes secure configuration baselines for nine GWS services and an assessment tool called ScubaGoggles. Federal agencies are encouraged to provide feedback on the draft baselines before January 12, 2024. CISA … Read more
November 28, 2023 at 10:12AM Google is disputing a security vendor’s report on a design weakness in Google Workspace that allegedly exposes users to data theft and other security issues. According to Hunters Security, a flaw in Google Workspace’s domain-wide delegation feature allows attackers to steal email, exfiltrate data, and perform unauthorized actions. Google denies … Read more
November 28, 2023 at 08:06AM A design flaw in Google Workspace’s domain-wide delegation (DWD) feature poses a serious security risk, allowing threat actors to gain unauthorized access to Workspace APIs. The flaw, called DeleFriend, can be exploited by manipulating existing delegations in Google Cloud Platform and Workspace. It enables theft of emails, data exfiltration, and … Read more
November 16, 2023 at 07:00AM Novel attack methods targeting Google Workspace and the Google Cloud Platform have been demonstrated, posing risks of ransomware, data exfiltration, and password recovery attacks. Threat actors could exploit vulnerabilities in Google Credential Provider for Windows (GCPW) to gain access to machines and bypass multi-factor authentication protections. These attacks highlight the … Read more
November 15, 2023 at 01:36PM Researchers at Bitdefender have identified weaknesses in Google Workspace that could potentially lead to ransomware attacks, data exfiltration, and password decryption. These vulnerabilities could also be used to access Google Cloud Platform with custom permissions and propagate from one machine to another. Google has stated that these weaknesses are outside … Read more