Attackers who gain privileges in a Google Cloud Platform (GCP) environment can potentially access critical data and systems by abusing a design flaw in domain-wide delegation (DWD), a feature that lets applications access user data across Google Workspace (GWS) apps such as Gmail, Google Calendar, and Google Drive.

In a blog post Nov. 28, Team Axon researchers at Hunters said they primarily focused on gaining a full understanding of the attack surface and, most importantly, how security teams can detect it effectively. The design flaw and accompanying research paper were reported to Google in August as part of Google’s “Bug Hunters” program.

Team Axon researchers said the flaw remained active as of Nov. 28.

To help security teams proactively respond to this news, Team Axon introduced a new proof-of-concept tool that will allow for a full takeover of the GWS domain using relevant GCP role permissions. The researchers said that with this tool, red teams, pen testers and security researchers can evaluate their security risks and improve the posture of their GWS and GCP environments.
IAM Technologies, Cloud Security
Google cloud environment flaw lets attackers access critical data, systems

Security teams should review permissions in Google Workspace, experts say. (Adobe Stock)