{"id":1889,"date":"2023-06-05T19:39:45","date_gmt":"2023-06-05T14:09:45","guid":{"rendered":"https:\/\/bscrackers.com\/?p=1889"},"modified":"2023-06-05T19:39:45","modified_gmt":"2023-06-05T14:09:45","slug":"google-workspace-bug-allows-untraceable-data-theft-from-drive-files-report","status":"publish","type":"post","link":"https:\/\/bscrackers.com\/?p=1889","title":{"rendered":"Google Workspace Bug Allows Untraceable Data Theft From Drive Files: Report"},"content":{"rendered":"<p> [ad_1]<br \/>\n<\/p>\n<div style=\"display:flex;justify-content:space-between;background:#f3f3f3;padding:0 15px 10px 10px;border-bottom:5px solid #e1261c\">\n<div style=\"width:510px;padding-top:10px;position:relative;height:350px\" class=\"jsx-1647035624 article_bimg\">\n<figure style=\"line-height:0;width:510px;height:340px\" class=\"jsx-1647035624\"><img fetchpriority=\"high\" decoding=\"async\" alt=\"This flaw affects only users who do not have a paid enterprise license for Google Workspace.\" title=\"This flaw affects only users who do not have a paid enterprise license for Google Workspace.\" src=\"https:\/\/images.news18.com\/ibnlive\/uploads\/2021\/07\/1627283897_news18_logo-1200x800.jpg?impolicy=website&amp;width=510&amp;height=356\" loading=\"eager\" width=\"510\" height=\"340\" class=\"jsx-1647035624\"\/><\/figure>\n<p style=\"line-height:18px;position:absolute;bottom:0;background:linear-gradient(transparent,#000);left:0;right:0;margin-bottom:0;font-size:12px;color:#fff;padding:32px 10px 5px;min-height:55px\" class=\"jsx-1647035624 imageCaption\">This flaw affects only users who do not have a paid enterprise license for Google Workspace.<\/p>\n<\/div>\n<div style=\"width:359px;padding-top:10px\" class=\"jsx-1647035624 article_bnow_box\">\n<h2 style=\"min-height:24px;font-size:14px;line-height:24px;color:#3f3f3f;font-weight:400\" class=\"jsx-1647035624\">Users who do not have a paid Google Workspace licence have their private drive actions left undocumented.&#13;<br \/>\n&#13;<br \/>\n<\/h2>\n<\/div>\n<\/div>\n<div id=\"article_ContentWrap\">\n<div class=\"jsx-1647035624\">\n<p id=\"0\" class=\"story_para_0\">Cybersecurity researchers have discovered a significant forensic security deficiency in Google Workspace that enables a hacker to exfiltrate data in Google Drive without any trace.<\/p>\n<p id=\"1\" class=\"story_para_1\">According to researchers from Mitiga Security, once a malicious user inside has accessed the organisation\u2019s Google Drive, they can take action without being recorded at all.<\/p>\n<p id=\"2\" class=\"story_para_2\">This flaw affects only users who do not have a paid enterprise licence for Google Workspace.<\/p>\n<p id=\"3\" class=\"story_para_3\">Users who do not have a paid Google Workspace licence have their private drive actions left undocumented.<\/p>\n<p id=\"4\" class=\"story_para_4\">Hackers can disable logging and recording by cancelling their paid licence and switching to the free \u201cCloud Identity Free&#8221; licence.<\/p>\n<p id=\"5\" class=\"story_para_5\">This enables threat actors to exfiltrate files without leaving any trace, save for the indication that a paid licence was revoked, which is visible to administrators.<\/p>\n<p id=\"6\" class=\"story_para_6\">\u201cA threat actor who gains access to an admin user can revoke the user\u2019s license, download all their private files, and reassign the license,&#8221; the researchers said.<\/p>\n<p><nonfly class=\"article_mad\" adunit=\"NW18_ENG_Desktop\/NW18_ENG_Tech\/NW18_ENG_Tech_AS\/NW18_ENG_TECH_AS_ROS_MID_728\" slotid=\"nw18-dynamic-div-8006959_6_11\" id=\"new_ad_7\"\/><\/p>\n<p id=\"7\" class=\"story_para_7\">The experts also notified Google of its findings, who is yet to respond.<\/p>\n<p id=\"8\" class=\"story_para_8\">Meanwhile, hackers are targeting iPhones with previously unknown malware, via iMessage to, gain complete control over the iOS device and spy on users.<\/p>\n<p><videocarousel\/><\/p>\n<p id=\"9\" class=\"story_para_9\">Cybersecurity company Kaspersky discovered the mobile Advanced Persistent Threat (APT) campaign targeting iOS devices with previously unknown malware.<\/p>\n<p id=\"10\" class=\"story_para_10\">Dubbed as \u2018Operation Triangulation\u2019, the ongoing campaign distributes zero-click exploits via iMessage to run malware gaining complete control over the device and user data, with the final goal to \u201chiddenly spy on users&#8221;.<\/p>\n<p><i class=\"disclaimer-content\">(This story has not been edited by News18 staff and is published from a syndicated news agency feed &#8211; <a href=\"https:\/\/www.ians.in\/\" target=\"_blank\" rel=\"noopener\">IANS<\/a>)<\/i> <\/div>\n<div class=\"jsx-1647035624 authorBox21 article_author\">\n<div class=\"jsx-1647035624 author_box\">\n<div class=\"author_box_inner\">\n<div class=\"img_box1 author_img\"><img decoding=\"async\" src=\"https:\/\/images.news18.com\/ibnlive\/uploads\/2023\/01\/bharat.jpeg?impolicy=website&amp;width=70&amp;height=70\" class=\"lazyload\" alt=\"\"\/><\/div>\n<div class=\"text1 author_content\"><a class=\"smalldesc1 author_name\" href=\"https:\/\/www.news18.com\/byline\/bharat-upadhyay.html\" target=\"_blank\" rel=\"noopener\"><span>Bharat Upadhyay<\/span><\/a><\/p>\n<div>Bharat Upadhyay, Senior Sub-Editor at News18 Tech, writes about technology and consumer gadgets. He has been covering the technology beat for over six<!-- -->&#8230;<a href=\"https:\/\/www.news18.com\/byline\/bharat-upadhyay.html\" class=\"read_more\" target=\"_blank\" rel=\"noopener\">Read More<\/a><\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<p>[ad_2]<br \/>\n<br \/><a href=\"https:\/\/www.news18.com\/tech\/google-workspace-bug-allows-untraceable-data-theft-from-drive-files-report-8006959.html\" target=\"_blank\" rel=\"noopener\">Source link <\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>[ad_1] This flaw affects only users who do not have a paid enterprise license for Google Workspace. Users who do not have a paid Google Workspace licence have their private drive actions left undocumented.&#13; &#13; Cybersecurity researchers have discovered a significant forensic security deficiency in Google Workspace that enables a hacker to exfiltrate data in &#8230; <a title=\"Google Workspace Bug Allows Untraceable Data Theft From Drive Files: Report\" class=\"read-more\" href=\"https:\/\/bscrackers.com\/?p=1889\" aria-label=\"Read more about Google Workspace Bug Allows Untraceable Data Theft From Drive Files: Report\">Read more<\/a><\/p>\n","protected":false},"author":1,"featured_media":1890,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[107],"tags":[],"class_list":["post-1889","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-tech"],"_links":{"self":[{"href":"https:\/\/bscrackers.com\/index.php?rest_route=\/wp\/v2\/posts\/1889","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bscrackers.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bscrackers.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bscrackers.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/bscrackers.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1889"}],"version-history":[{"count":0,"href":"https:\/\/bscrackers.com\/index.php?rest_route=\/wp\/v2\/posts\/1889\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/bscrackers.com\/index.php?rest_route=\/wp\/v2\/media\/1890"}],"wp:attachment":[{"href":"https:\/\/bscrackers.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1889"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bscrackers.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1889"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bscrackers.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1889"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}