Recent years have seen a surge in cloud adoption, and with it a growing reliance on delegation mechanisms such as Google's Domain-Wide Delegation.
Domain-Wide Delegation lets GCP (Google Cloud Platform) identities, in practice service accounts, perform tasks in GWS (Google Workspace) applications on behalf of Workspace users, which streamlines automated workflows.
Cybersecurity researchers at Hunters' Team Axon recently found a design flaw in Google Workspace's Domain-Wide Delegation, which they dubbed "DeleFriend."
This flaw allows:-
Google Cloud and Workspace are tightly coupled through Domain-Wide Delegation. Google Cloud IAM governs access to Cloud resources, while Workspace is the central hub for user management.
The two share one identity model, whether that identity comes from Workspace or from Cloud Identity, and this holds even for organizations that front their GCP access with a third-party IdP such as Okta or Azure AD.
Google Workspace's Domain-Wide Delegation streamlines an application's access to Workspace data and helps boost efficiency.
Using OAuth 2.0, a developer can grant a service account access to users' data without each user consenting individually, which:-
Google Workspace allows the following main types of global delegated object identities to be created:-
Like other cloud providers, Google uses OAuth 2.0 (RFC 6749) for delegated authorization. This allows an identity to grant permissions to an application that calls the Workspace REST APIs without handing over its own credentials.
The researchers demonstrated the flaw in two scenarios:-
The attack vector gives a threat actor the following advantages:-
The researchers' mitigation recommendations are:-
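One detection check that follows directly from the delegation model described above, offered here as an added example rather than as part of the article or the researchers' own recommendations: a new private key minted for a service account that already sits on the Workspace domain-wide delegation allowlist hands its holder the power to act as any user in the domain for the allowlisted scopes. The code scans Cloud Audit Log entries for `google.iam.admin.v1.CreateServiceAccountKey` and joins them against that allowlist. The log entries and the allowlist rows are constructed sample data; the field names follow the Cloud Audit Log JSON export.

```go
package main

import (
	"bufio"
	"encoding/json"
	"fmt"
	"strings"
)

// auditEntry is the subset of a Cloud Audit Log entry (JSON export) the check needs.
type auditEntry struct {
	Timestamp    string `json:"timestamp"`
	ProtoPayload struct {
		ServiceName        string `json:"serviceName"`
		MethodName         string `json:"methodName"`
		ResourceName       string `json:"resourceName"`
		AuthenticationInfo struct {
			PrincipalEmail string `json:"principalEmail"`
		} `json:"authenticationInfo"`
	} `json:"protoPayload"`
}

// dwdClient is one row of the Workspace admin console's domain-wide delegation
// allowlist: the OAuth client ID (for a service account, its numeric unique
// ID) and the scopes it may request on behalf of any user in the domain.
type dwdClient struct {
	ClientID string
	Scopes   []string
}

// Finding records who minted a key for which delegated client and what it allows.
type Finding struct {
	When, Principal, ClientID, Scopes string
}

// keyCreateMethod is the IAM method logged when a service account key is created.
const keyCreateMethod = "google.iam.admin.v1.CreateServiceAccountKey"

// ServiceAccountID returns the trailing ID of "projects/<p>/serviceAccounts/<id>".
func ServiceAccountID(resourceName string) string {
	const sep = "/serviceAccounts/"
	i := strings.LastIndex(resourceName, sep)
	if i < 0 {
		return ""
	}
	return resourceName[i+len(sep):]
}

// FindKeyCreationsOnDelegatedAccounts flags every new private key minted for a
// service account on the DWD allowlist: whoever holds that key can sign
// assertions as any user in the domain for the listed scopes.
func FindKeyCreationsOnDelegatedAccounts(logLines string, allowlist []dwdClient) []Finding {
	scopesByID := make(map[string][]string, len(allowlist))
	for _, c := range allowlist {
		scopesByID[c.ClientID] = c.Scopes
	}
	var findings []Finding
	sc := bufio.NewScanner(strings.NewReader(logLines))
	for sc.Scan() {
		line := strings.TrimSpace(sc.Text())
		if line == "" {
			continue
		}
		var e auditEntry
		if err := json.Unmarshal([]byte(line), &e); err != nil {
			continue // not a JSON audit entry; ignore
		}
		p := e.ProtoPayload
		if p.ServiceName != "iam.googleapis.com" || p.MethodName != keyCreateMethod {
			continue
		}
		id := ServiceAccountID(p.ResourceName)
		if scopes, ok := scopesByID[id]; ok {
			findings = append(findings, Finding{e.Timestamp, p.AuthenticationInfo.PrincipalEmail, id, strings.Join(scopes, " ")})
		}
	}
	return findings
}

// Constructed sample data, not real tenant output: a two-row allowlist and three
// log lines, exactly one of which is a key creation on a delegated account.
var SampleAllowlist = []dwdClient{
	{"102938475610293847561", []string{"https://www.googleapis.com/auth/gmail.readonly", "https://www.googleapis.com/auth/drive"}},
	{"564738291056473829105", []string{"https://www.googleapis.com/auth/admin.directory.user.readonly"}},
}

const SampleLog = `
{"timestamp":"2023-11-28T09:14:02Z","protoPayload":{"serviceName":"iam.googleapis.com","methodName":"google.iam.admin.v1.CreateServiceAccountKey","resourceName":"projects/-/serviceAccounts/102938475610293847561","authenticationInfo":{"principalEmail":"contractor@example.com"}}}
{"timestamp":"2023-11-28T09:15:30Z","protoPayload":{"serviceName":"iam.googleapis.com","methodName":"google.iam.admin.v1.CreateServiceAccountKey","resourceName":"projects/-/serviceAccounts/999999999999999999999","authenticationInfo":{"principalEmail":"ci@example.com"}}}
{"timestamp":"2023-11-28T09:16:11Z","protoPayload":{"serviceName":"iam.googleapis.com","methodName":"google.iam.admin.v1.GetServiceAccount","resourceName":"projects/-/serviceAccounts/564738291056473829105","authenticationInfo":{"principalEmail":"contractor@example.com"}}}
`

func main() {
	for _, f := range FindKeyCreationsOnDelegatedAccounts(SampleLog, SampleAllowlist) {
		fmt.Printf("%s %s created a key for delegated client %s (scopes: %s)\n", f.When, f.Principal, f.ClientID, f.Scopes)
	}
}
```

The join is deliberately on the numeric unique ID, because that is what the Workspace allowlist stores; if a log source names the service account by email instead, resolve it to the unique ID first. Key creation on a non-delegated account (the second line) is ordinary activity and is not flagged, which keeps the rule's noise proportional to the actual risk.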