Vulnerability cyber

Google

Jul 10, 2024 1 min read
Google

Google's Advanced Protection Program (APP) users faced targeted digital attack risks but now have access to passkeys, a cryptographic authentication system offering a higher security level than passwords. Passkeys, which can be stored locally and protected with biometrics or a pin, are less susceptible to phishing and do not require carrying an additional physical token. This shift enhances security for public figures and those involved in controversial work who are at high risk. Despite being a significant step forward in cybersecurity, there's no indication that user data has been compromised as a result of previous vulnerabilities.

Source: https://www.wired.com/story/google-passkey-advance-protection-program/

TPRM report: https://scoringcyber.rankiteo.com/company/google

"id": "goo915071024",
"linkid": "google",
"type": "Vulnerability",
"date": "7/2024",
"severity": "25",
"impact": "1",
"explanation": "Attack without any consequences"
{'affected_entities': [{'industry': 'Technology',
                        'location': 'Global',
                        'name': 'Google APP Users',
                        'type': 'Public Figures and Controversial Workers'}],
 'attack_vector': 'Phishing',
 'description': "Google's Advanced Protection Program (APP) users faced "
                'targeted digital attack risks but now have access to '
                'passkeys, a cryptographic authentication system offering a '
                'higher security level than passwords. Passkeys, which can be '
                'stored locally and protected with biometrics or a pin, are '
                'less susceptible to phishing and do not require carrying an '
                'additional physical token. This shift enhances security for '
                'public figures and those involved in controversial work who '
                'are at high risk. Despite being a significant step forward in '
                "cybersecurity, there's no indication that user data has been "
                'compromised as a result of previous vulnerabilities.',
 'initial_access_broker': {'high_value_targets': 'Public figures and '
                                                 'controversial workers'},
 'lessons_learned': 'Enhanced security with passkeys reduces phishing risks',
 'motivation': 'Targeting high-risk users including public figures and '
               'controversial work',
 'post_incident_analysis': {'corrective_actions': 'Introduction of passkeys',
                            'root_causes': 'Vulnerability in password-based '
                                           'authentication'},
 'recommendations': 'Adopt passkeys for high-risk users',
 'response': {'remediation_measures': 'Introduction of passkeys'},
 'title': 'Google APP Users Face Targeted Digital Attack Risks',
 'type': 'Targeted Digital Attack Risks',
 'vulnerability_exploited': 'Password-based authentication'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.