back to article Google Workspace weaknesses allow plaintext password theft

Novel weaknesses in Google Workspace have been exposed by researchers, with exploits potentially leading to ransomware attacks, data exfiltration, and password decryption. Researchers at Bitdefender say the methods could also be used to access Google Cloud Platform (GCP) with custom permissions and could move from machine to …

  1. sitta_europea Silver badge

    "When GCPW is installed on a machine, a local Google Accounts and ID Administration (GAIA) account is created, which has elevated privileges. GCPW then adds a credential provider to Windows' Local Security Authority Subsystem Service (LSASS) so that users can log into their Windows machine using their Workspace credentials."

    Who else thinks that's insane?

    1. Dinanziame Silver badge

      Not really, that's the point of LSASS accepting such a credential provider in the first place. This fits the cloudy model that everything important is done through the online services, and it doesn't matter which machine you use to access them because there's nothing important on the machine itself.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like