🚀 Medial Secures Investment on Shark Tank India - Fueling the Future of Professional Social Networking. 🔥

Startup Showcase

Premium Content

Try our Valuation Calculator →

News on Medial

A Google Kubernetes security flaw could let anyone with a Gmail account compromise your business

Techradar

Techradar · 1y ago

A Google Kubernetes security flaw could let anyone with a Gmail account compromise your business

Google Kubernetes Engine (GKE) had a vulnerability named Sys:All, which allowed attackers with a Gmail account to take control of a Kubernetes cluster. It was revealed that there are around 250,000 active GKE clusters susceptible to this flaw. The system:authenticated group in GKE includes both verified and non-verified Google authenticated accounts, enabling threat actors to exploit a Google OAuth 2.0 bearer token and deploy malware, move within networks, or steal sensitive data. Google addressed the issue in versions 1.28 and later of GKE by blocking the binding of system:authenticated group to the cluster-admin role.

Related News

Google set to delete THESE accounts soon; is your account in list?

Livemint

Livemint · 1y ago

Google set to delete THESE accounts soon; is your account in list?

Google plans to delete inactive Gmail accounts that have been unused for more than two years, including their associated content in Google Workspace. This move aims to enhance security as inactive accounts are more vulnerable to breaches due to lack of two-factor authentication. To prevent account deletion, users are advised to log in at least once every two years on any Google-related service. Additionally, Google is expanding its Car crash detection feature to include India and other countries.

The mobile app for the 'world's biggest casino' had some major security flaws

Techradar

Techradar · 1y ago

The mobile app for the 'world's biggest casino' had some major security flaws

The mobile app for the "world's biggest casino," My WinStar, had a security flaw that exposed customers' private data. The app sent the data to an unprotected database on the web, accessible to anyone. The exposed database contained names, phone numbers, email addresses, and physical addresses. The security researcher who discovered the flaw tipped off TechCrunch, and the database's owner was confirmed to be Dexiga, the tech startup behind My WinStar. Dexiga claims the database only contained publicly available information. The database has since been secured.

No, Google Isn’t Sunsetting Gmail

Gizmodo

Gizmodo · 1y ago

No, Google Isn’t Sunsetting Gmail

A fake screenshot claiming that Google will be shutting down Gmail in August has been circulating on social media. The viral notice states that Gmail will no longer support sending, receiving, or storing emails after August 1, 2024. However, this is completely false. Gmail has confirmed that it is not sunsetting and will continue to provide its services. This incident highlights the ease with which fake claims can go viral on social media platforms like X, particularly after changes that have allowed anyone to purchase verification.

A new Microsoft Azure hacking campaign is targeting high-end executives

Techradar

Techradar · 1y ago

A new Microsoft Azure hacking campaign is targeting high-end executives

According to a report from Proofpoint, hackers are targeting senior executives and high-level professionals with phishing and cloud account takeover attacks. They have launched a campaign to compromise Microsoft Azure environments and cloud accounts. The hackers are distributing personalized phishing lures within shared documents that contain links redirecting victims to malicious phishing pages. They are targeting executives such as Sales Directors, Account Managers, and Finance Managers, potentially engaging in data exfiltration, business email compromise, and wire fraud. The attackers' infrastructure suggests they could be Russian and Nigerian in origin. Attribution to a specific threat actor has not yet been made.

Gmail’s smart replies will use AI to pull context from your inbox and Drive

The Verge

The Verge · 2m ago

Gmail’s smart replies will use AI to pull context from your inbox and Drive

Gmail’s smart replies, enhanced by AI, can now pull context from both your Gmail inbox and Google Drive to suggest more personalized replies. Using Gemini, these replies can match the tone and style based on the recipient, such as being more formal for managers. Initially available in English, this feature will be part of paid Workspace and Google One AI Premium plans. Gmail is also introducing inbox management and scheduling aids using AI.

Two decades later, a look at Gmail — Google’s best April Fool’s joke

Economic Times

Economic Times · 1y ago

Two decades later, a look at Gmail — Google’s best April Fool’s joke

Google launched Gmail on April 1, 2004, as an April Fool's surprise. Today, it is the most widely used email service globally, with an estimated 1.8 billion active accounts. In its early days, Gmail offered 1GB of storage per account, a significant leap from the capacity provided by other webmail services. It also introduced features like Google's search technology and threaded conversations. Over the years, Gmail has evolved with the addition of AI-driven features such as smart reply and help me write, which allow users to draft emails and generate responses with the assistance of AI.

Sex toy maker Lovense threatens legal action after fixing security flaws that exposed users' data | TechCrunch

TechCrunch · 7d ago

Sex toy maker Lovense threatens legal action after fixing security flaws that exposed users' data | TechCrunch

Lovense, the sex toy manufacturer, resolved security flaws that exposed users’ data and allowed account control by attackers. Following the fix, CEO Dan Liu hinted at potential legal action over allegedly incorrect reports about the vulnerabilities, disclosed by researcher BobDaHacker. Despite claims of no data compromise, outlets like TechCrunch verified the issue, while Lovense did not clarify data security measures. The situation reflects ongoing tensions over legal threats following security disclosures.

What 2023 taught us about eCommerce security

Techradar

Techradar · 1y ago

What 2023 taught us about eCommerce security

Cybersecurity threats in the retail sector are constantly evolving, with cybercriminals finding new ways to compromise valuable data. Account takeover (ATO) attacks, where cybercriminals use automated bots to compromise online accounts, have been on the rise. ATO attacks accounted for nearly 1 in 6 login attempts throughout the year, with a significant increase during the holiday season. Business logic abuse, where hackers exploit the existing functionality of applications, is also becoming more prevalent. Both consumers and businesses need to take steps to protect themselves, with good password practices and comprehensive defense strategies. In 2024, the adoption of generative AI could lead to a spike in attack volumes.

Google pays Apple $15,000 for hacking chrome security

Startup News FYI

Startup News FYI · 2y ago

Google pays Apple $15,000 for hacking chrome security

Google has rewarded Apple with $15,000 as part of its bug bounty program for discovering a critical security vulnerability in the Chrome web browser. The flaw allowed attackers to bypass Chrome's security mechanisms. The incident highlights the collaboration between tech giants in enhancing cybersecurity and protecting user data across different platforms.

Govt raises alarm over critical vulnerability in TP-Link routers: Details

Livemint

Livemint · 1y ago

Govt raises alarm over critical vulnerability in TP-Link routers: Details

CERT-In has issued an urgent advisory regarding a critical security flaw in TP-Link routers, commonly used in India. The vulnerability could allow remote attackers to execute unauthorized code with elevated privileges on affected systems. The flaw is present in TP-Link Archer models prior to C5400X(EU)_V1_1.1.7 Build 20240510. CERT-In recommends updating TP-Link software, changing default credentials, enabling strong encryption, and disabling remote management to enhance security. It is crucial to address this vulnerability promptly to protect against potential cyberattacks.

Trackers

Active Indian VC’s

OG Capital Email

With a hands-on approach, OG Capital aims to invest in over 20 promising...

Accel Partners Email

Early and growth-stage investments in disruptive technology companies with...

Early-stage venture capital firm investing in technology startups in India. Focus on...

Access All Trackers

Startup Showcase Winners

June 2025

Helping your parents when you are miles away

The Pit Stop Your Cravings Deserve

The next generation E-commerce platform

Enter Ongoing Startup Showcase

Top Users

Trending News on Medial

Download the medial app to read full posts, comements and news.