Threat actors can exfiltrate data from Google Drive without leaving a trace

Researchers from Mitiga claim that Google Workspace (previously G Suite) contains a flaw that might shield a malicious employee or outsider from learning about data exfiltration from Google Drive. Users of Google Drive first have a free licence called “Cloud Identity Free” before being given a paid licence, such as “Google Workspace Enterprise Plus,” by an IT administrator at their company.

“Using ‘Drive log events,’ Google Workspace gives users access to information about a company’s Google Drive resources, including actions like copying, deleting, downloading, and reading files. Events that involve other domains, like sharing an object with an outside user, are likewise recorded, according to Ariel Szarf and Or Aspir of Mitiga.

Threat actors can exfiltrate data from Google Drive without leaving a trace

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address

Threat actors can exfiltrate data from Google Drive without leaving a trace

01-Jun-23

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address