Exclusive Researcher Insights: New Methods for Extending Local Breaches in Google Workspace

Description

During the development of our XDR sensor for Google Workspace and Google Cloud Platform, we uncovered previously unknown attack methods for escalating a compromise from a single endpoint to a network-wide breach, potentially leading to ransomware attacks or data exfiltration. Starting from a single compromised machine, threat actors could progress in several ways: they could move to other cloned machines with GCPW installed, gain access to the cloud platform with custom permissions, or decrypt locally stored passwords to continue their attack beyond the Google ecosystem. We will be joined by the security researcher who originally discovered these novel attack pathways to discuss: Exploring New Attack Methods, Mitigating Security Risks, and Technical Best Practices.