Story image

Google Groups users unwittingly leaking information: Change sharing settings now

25 Jul 2017

Google has been the focus of two major security warnings this week, one of which exposes a major hole in Google Groups file privacy.

Security firm RedLock detected a major misconfiguration in Google Groups, which publicly exposed sensitive details from hundreds of groups.

When using Google Groups, changing the sharing option for ‘Outside this domain – access to groups’, which allows users to make files public or private. A handful of major companies chose to make some information ‘public on the internet’, inadvertently exposing sensitive information to anyone who uses the internet.

Those groups include an online weather company, a cloud-based helpdesk provider and a video advertising platform.

RedLock is urging all Google Groups users to set the sharing for “Outside this domain – access to groups” to ‘private’.

RedLock CEO and co-founder Varun Badhwar says that simple configuration errors, even in cloud applications such as Google, can have serious effects.

“In today’s environment, it’s imperative that every organization take steps to educate employees on security best practices and leverage tools that can automate the process of securing applications, workloads and other systems. In the cloud, for example, a resource only exists for 127 minutes on average – there’s no way for IT teams alone to keep up with this rapid rate of change,” Badhwar says.

Meanwhile, Google has also fixed a problem with its name spoofing vulnerability. Researchers at Proofpoint discovered vulnerabilities that could allow attackers to bypass Google controls in apps.

Google introduced controls after the OAuth worm, however attackers could potentially launch a repeat of that attack.

“If exploited, the name spoofing vulnerability would have been harder to detect and stop than the original May 2017 attack, which tricked users into authorizing illegitimate Google docs applications and collected/targeted their email contacts,” comments Proofpoint vice president of threat operations, Kevin Epstein.

Proofpoint recommends that users take the following precautions when installing apps:

  • Verify the authenticity of the app’s developer including whitelisting apps for your enterprise.
  • Understand what the app is doing before you install it.
  • If you installed a suspect, unverified app, revoke permission via

Proofpoint says that Google has now remediated the issue, but caution is still advised.

“Securing third-party applications is extremely important as more and more organizations rely on cloud-based solutions to conduct operations worldwide,” Epstein concludes.

ESET researchers break down latest arsenal of the infamous Sednit group
At the end of August 2018, the Sednit group launched a spear-phishing email campaign, in which it distributed shortened URLs that delivered first-stage Zebrocy components.
Container survey shows adoption accelerating while security concerns remain top of mind
The report features insights from over 500 IT professionals.
Google 'will do better' after G Suite passwords exposed since 2005
Fourteen years is a long time for sensitive information like usernames and passwords to be sitting ducks, unencrypted and at risk of theft and corruption.
Who's watching you? 
With privacy an increasing concern amongst the public, users should be more aware than ever of what personal data companies hold.
Fake apps on Google Play scamming users out of cryptocurrency
Fake cryptocurrency apps on Google Play have been discovered to be phishing and scamming users out of cryptocurrency, according to a new report from ESET.
Managing data to comply with privacy regulations - Micro Focus
It’s crucial for organisations to be able to access, understand, and accurately classify the data they have so they know how to treat it.
Hackbusters! Reviewing 90 days of cybersecurity incident response cases
While there are occasionally very advanced new threats, these are massively outnumbered by common-or-garden email fraud, ransomware attacks and well-worn old exploits.
SEGA turns to Palo Alto Networks for cybersecurity protection
When one of the world’s largest video game pioneers wanted to strengthen its IT defences against cyber threats, it started with firewalls and real-time threat intelligence from Palo Alto Networks.