Tag Archive for: unwanted

DeleFriend Vulnerability Could Allow Unwanted Access to APIs, According to Researchers

/in


Hunters researchers noted the vulnerability could lead to privilege escalation. Google said the report “does not identify an underlying security issue in our products.”

Cybersecurity researchers from the firm Hunters discovered a vulnerability in Google Workspace that could allow unwanted access to Workspace APIs. The flaw is significant in that it could let attackers use privilege escalation to gain access that would otherwise only be available to users with Super Admin access. Hunters named this security flaw DeleFriend.

Jump to:

Vulnerability uncovered in Google’s domain-wide delegation

According to the Hunters team, the vulnerability is based on Google Workspace’s role in managing user identities across Google Cloud services. Domain-wide delegation (DWD) connects identity objects from either Google Workspace Marketplace or a Google Cloud Platform Service Account to Workspace.

Domain-wide delegation can be used by attackers in two main ways: to create a new delegation after having gained access to a Super Admin privilege on the target Workspace environment through another attack, or to “enumerate successful combinations of service account keys and OAuth scopes,” Hunters said. This second way is the novel method the researchers have discovered. Yonatan Khanashvilli, threat hunting expert at Team Axon at Hunters, posted a much more detailed explanation of DeleFriend.

Response from Google

Hunters disclosed this flaw to Google in August 2023 and wrote, “Google is currently reviewing the issue with their Product team to assess potential actions based on our recommendations.”

An anonymous Google representative told The Hacker News in November 2023, “This report does not identify an underlying security issue in our products. As a best practice, we encourage users to make sure all accounts have the least amount of privilege possible (see guidance here). Doing so is key to combating these types of attacks.”

Why this Google Workspace vulnerability is particularly dangerous

Hunters said this vulnerability is particularly dangerous because it is long-term (GCP Service account keys do not have expiry dates by default), easy to hide and hard to…

Source…

Fake Adobe Flash Player | Android Malware Analysis | ESET Mobile Security

/in



Yup, the Android app store is full of useless, unwanted anti-WannaCry apps

/in
Yup, the Android app store is full of useless, unwanted anti-WannaCry apps

Apps claiming to protect Android users against WannaCry ransomware are popping up on Google Play, but all of them are a bunch of hogwash.

David Bisson reports.

Graham Cluley

Keep Unwanted Eyes and Ears Away from Your Mac with Camera Guard Pro [Deals Hub]

/in

There are prying eyes everywhere, including from inside your device. Don’t fall victim to a hack–keep your computer secure with the Camera Guard Pro. It’s on sale now from the iPhone Hacks Deals Hub. Covering your camera isn’t paranoid. It’s a …
mac hacker – read more