Security News
Google is rolling out a new Workspace feature that requires multiple admins to approve high-risk setting changes to prevent unauthorized or accidental modifications that could reduce security. Google Workspace is a comprehensive suite of cloud-based productivity and collaboration tools, integrating services such as Gmail, Google Drive, Google Docs, Sheets, Slides, Google Meet, and Google Calendar, offering a unified solution for businesses, educational institutions, and individuals.
Google is rolling out multi-party approvals for Google Workspace customers with multiple super admin accounts, the company has announced. The multi-party approvals feature is one of many that were announced by the Google Workspace team in August 2023.
GitLab once again released fixes to address a critical security flaw in its Community Edition (CE) and Enterprise Edition (EE) that could be exploited to write arbitrary files while creating...
If you're a Google Workspace administrator or user selecting an application from the Google Workspace Marketplace, your first task is to make sure an application does the job you want completed as easily as possible. Google offers an Independent Security Verification badge for applications in the Google Workspace Marketplace.
Cybersecurity researchers from the firm Hunters discovered a vulnerability in Google Workspace that could allow unwanted access to Workspace APIs.According to the Hunters team, the vulnerability is based on Google Workspace's role in managing user identities across Google Cloud services.
A design flaw in Google Workspace's domain-wide delegation feature, discovered by Hunters' Team Axon, can allow attackers to misuse existing delegations, enabling privilege escalation and unauthorized access to Workspace APIs without Super Admin privileges. Such exploitation could result in the theft of emails from Gmail, data exfiltration from Google Drive, or other unauthorized actions within Google Workspace APIs on all the identities in the target domain.
Cybersecurity researchers have detailed a "severe design flaw" in Google Workspace's domain-wide delegation (DWD) feature that could be exploited by threat actors to facilitate privilege...