Editor’s note: There is a lot going on in the world of IT, from emerging technologies to digital transformation and new cybersecurity threats. However, we can’t possibly cover it all, so we’ll bring you This Week in IT, a curated summary of IT and enterprise technology stories each week.
New Google Meet live-sharing features
As it continues to merge Duo and Meet, Google says it is bringing new live-sharing features to Meet that allow users to interact with content being shared.
According to Google, that includes things like YouTube videos, Spotify playlists, games and more. The upgrade will take place throughout August across mobile and tablets devices, and later for other devices.
Users are beginning to see the Duo app icon change to Google Meet, the company says.
Read this blog for more information.
Cisco hit in phishing attack
Cisco says an employee’s credentials were compromised after an attacker gained control of a personal Google account where credentials saved in the victim’s browser were being synchronized and conducting sophisticated voice phishing attacks to convince the victim to accept multifactor authentication push notifications.
Cisco says it does not believe the attacker, believed to be affiliated to the Lapsus$ threat group and Yanluwang ransomware operators, accessed any critical internal systems. However, Cisco says it found no evidence of ransomware payloads being deployed.
According to Bleeping Computer, the threat actor emailed the IT media organization a directory listing of files allegedly stolen during the attack, claiming to have stolen 2.75GB of data and about 3,100 files.
Read the Cisco Talos blog and the company’s incident advisory for more information.
IT spending continues growing despite possible recession
Citing a study from Spizeworks Ziff Davis, PCMag reports that the majority of companies in North America and Europe plan to increase IT spending over the next 12 months. Just over half of companies will increase their year-over-year tech spending, and just 6% will decrease their spending. Of those that plan to increase spending, the average expected increase in 21%.
These findings come even as 86% of companies worry that a recession is imminent, PCMag reports.
CISA warns of Zeppelin ransomware
The U.S. Cybersecurity & Infrastructure Security Agency is warning organizations to look out for Zeppelin ransomware, a ransomware-as-a-service tool used since 2019 to target business and critical infrastructure, including defense contractors, educational institutions, manufacturers, tech companies and healthcare.
According to the agency, the group gains initial access through RDP exploitation, SonicWall vulnerabilities and phishing attacks.
Read the advisory for more information and indicators of compromise.
Google introduces stronger Workspace account protection
Google says it is rolling out stronger safeguards for sensitive actions taken in Google Workspace that will prompt users to present a second factor to verify their identity when certain risky actions are taken. For example, if an account is compromised and an attacker tries to change the name on an account, the action will be blocked until the true account owner can verify the change.
The feature only supports users that use Google as their identity provider and actions taken within Google products. SAML users are not supported at this time, the company says.
Read Google’s Workspace Updates blog for more information.
Leave a Reply