CrowdStrike and Google Cloud today debuted an expanded strategic partnership with a series of announcements that demonstrate our ability to stop cloud breaches with industry-leading AI-powered protection. These new features and integrations are built to protect Google Cloud and multi-cloud customers against adversaries that are increasingly targeting cloud environments. At a … [Read more...] about CrowdStrike and Google Cloud Expand Strategic Partnership
Google Chrome Adds V8 Sandbox
Apr 08, 2024NewsroomSoftware Security / Cybersecurity Google has announced support for what's called a V8 Sandbox in the Chrome web browser in an effort to address memory corruption issues. The sandbox, according to V8 Security technical lead Samuel Groß, aims to prevent "memory corruption in V8 from spreading within the host process." The search behemoth has described V8 … [Read more...] about Google Chrome Adds V8 Sandbox
Migrating from self-managed Elastic Stack to Elastic Cloud using Google Cloud
A great way to try out Elastic® for free is to create a self-managed deployment on your own local computer. Then when you're ready to take your usage of Elastic to the next level of scalability and global availability, you can migrate your self-managed Elastic deployment to Elastic Cloud. This blog post presents a step-by-step guide to help you do that using a snapshot and … [Read more...] about Migrating from self-managed Elastic Stack to Elastic Cloud using Google Cloud
Malicious Ads on Google Target Chinese Users with Fake Messaging Apps
Jan 26, 2024NewsroomMalvertising / Phishing-as-a-service Chinese-speaking users have been targeted by malicious Google ads for restricted messaging apps like Telegram as part of an ongoing malvertising campaign. "The threat actor is abusing Google advertiser accounts to create malicious ads and pointing them to pages where unsuspecting users will download Remote … [Read more...] about Malicious Ads on Google Target Chinese Users with Fake Messaging Apps
Google Kubernetes Misconfig Lets Any Gmail Account Control Your Clusters
Jan 24, 2024NewsroomCloud Security / Kubernetes Cybersecurity researchers have discovered a loophole impacting Google Kubernetes Engine (GKE) that could be potentially exploited by threat actors with a Google account to take control of a Kubernetes cluster. The critical shortcoming has been codenamed Sys:All by cloud security firm Orca. As many as 250,000 active GKE clusters … [Read more...] about Google Kubernetes Misconfig Lets Any Gmail Account Control Your Clusters
Malware Using Google MultiLogin Exploit to Maintain Access Despite Password Reset
Jan 03, 2024NewsroomMalware / Data Theft Information stealing malware are actively taking advantage of an undocumented Google OAuth endpoint named MultiLogin to hijack user sessions and allow continuous access to Google services even after a password reset. According to CloudSEK, the critical exploit facilitates session persistence and cookie generation, enabling threat … [Read more...] about Malware Using Google MultiLogin Exploit to Maintain Access Despite Password Reset
Google Cloud Resolves Privilege Escalation Flaw Impacting Kubernetes Service
Dec 28, 2023NewsroomCloud Security / Data Protection Google Cloud has addressed a medium-severity security flaw in its platform that could be abused by an attacker who already has access to a Kubernetes cluster to escalate their privileges. "An attacker who has compromised the Fluent Bit logging container could combine that access with high privileges required by Anthos … [Read more...] about Google Cloud Resolves Privilege Escalation Flaw Impacting Kubernetes Service
Google Using Clang Sanitizers to Protect Android Against Cellular Baseband Vulnerabilities
Dec 13, 2023NewsroomMobile Communication / Firmware security Google is highlighting the role played by Clang sanitizers in hardening the security of the cellular baseband in the Android operating system and preventing specific kinds of vulnerabilities. This comprises Integer Overflow Sanitizer (IntSan) and BoundsSanitizer (BoundSan), both of which are part of … [Read more...] about Google Using Clang Sanitizers to Protect Android Against Cellular Baseband Vulnerabilities
Google Unveils RETVec – Gmail’s New Defense Against Spam and Malicious Emails
Nov 30, 2023NewsroomMachine Learning / Email Security Google has revealed a new multilingual text vectorizer called RETVec (short for Resilient and Efficient Text Vectorizer) to help detect potentially harmful content such as spam and malicious emails in Gmail. "RETVec is trained to be resilient against character-level manipulations including insertion, deletion, typos, … [Read more...] about Google Unveils RETVec – Gmail’s New Defense Against Spam and Malicious Emails
Enable Elastic Observability for Google Cloud Platform metrics
Developers and SREs choose to host their applications on Google Cloud Platform (GCP) for its reliability, speed, and ease of use. On Google Cloud, development teams are finding additional value in migrating to Kubernetes on GKE, leveraging the latest serverless options like Cloud Run, and improving traditional, tiered applications with managed services.Elastic Observability … [Read more...] about Enable Elastic Observability for Google Cloud Platform metrics