Black Cat Security

Azure Kubernetes Service (AKS) Threat Hunting

As more businesses shift away from running workloads on dedicated virtual machines to running them inside containers using workload orchestrators like Kubernetes, adversaries have become more interested in them as targets. Moreover, the benefits Kubernetes provides for managing workloads are also extended to adversaries. As adversaries leverage Kubernetes to run their workloads, their understanding of how these platforms work and can be exploited increases.

Client-side encryption for Gmail is now generally available

What’s changing 

Beginning today, client-side encryption for Gmail is now generally available for Google Workspace Enterprise Plus, Education Plus, and Education Standard customers. For customers currently enrolled in the beta, your experience will not change. 

Workspace already encrypts data at rest and in transit by using secure-by-design cryptographic libraries. Client-side encryption takes existing encryption capabilities to the next level by ensuring that customers have sole control over their encryption keys—and thus complete control over access to their data.

For more information, read the latest Workspace blog and our original beta announcement.

Getting started 

  • Admins
  • End users: Once enabled by your Workspace admin, to add client-side encryption to any message, click the lock icon and select additional encryption, and compose your message and add attachments as normal. 

Rollout pace 

Availability 

  • Available to Google Workspace Enterprise Plus, Education Plus, and Education Standard customers 
  • Not available to Google Workspace Essentials, Business Starter, Business Standard, Business Plus, Enterprise Essentials, Education Fundamentals, Frontline, and Nonprofits, as well as legacy G Suite Basic and Business customers 
  • Not available to users with personal Google Accounts 

Resources

First steps in CHERIoT Security Research

At Microsoft, we invest a lot of time researching and investigating possibilities in our journey to memory safety. Because the massive majority of existing codebases are written in unsafe programming languages, the task of protecting legacy code is very important.
Hardware solutions are an attractive approach because they introduce very powerful security properties with low overheads compared to purely software solutions.

Expanding noise cancellation in Google Meet to more devices

Quick summary 

To limit distractions during meetings, Google Meet offers noise cancellation to filter out background noises such as a closing door or the sounds of a nearby construction site. Beginning today, noise cancellation is: 
  • Available for users with personal Google Accounts on a wider variety of Android mobile devices. 
  • Available for Google Workspace Business Starter, Education Fundamentals, Education Standard customers. 
  • Enabled by default for third-party devices that connect to Meet using Pexip 
Expanding this functionality helps make calls more productive by reducing distractions across a wider variety of devices. 

Getting started 

  • Admins: 
  • End users: 
    • Visit the Help Center to learn more about turning filtering out noise from your meeting on Google Meet.
    • If you’re joining using a Workspace account, the meeting host's Workspace edition will determine the default state. You can turn the feature on or off from the settings menu. 
    • If you’re joining a meeting on an Android device with your personal Google Account, noise cancellation is OFF by default. 

Rollout pace 

Resources 

All newly created spaces in Google Chat will be in-line threaded beginning March 13, 2023

What’s changing 

As previously announced, we’re streamlining the way you organize conversations in Google Chat. Starting March 13, 2023, all newly created spaces in Google Chat will be in-line threaded. Users will no longer have the option to organize them by conversation topic, where related messages and replies were grouped together in the main conversation window. Existing spaces organized by conversation topic will continue to function as they do today. 
Later this year, existing spaces organized by conversation topic will be migrated to the new in-line threaded experience — we will provide more information on the Workspace Updates blog and via email to the primary admin in your domain ahead of this change.
In-line threaded spaces
Space organized by conversation topic

Who’s impacted

Admins and end users 

Why it’s important 

Spaces in Google Chat can help you communicate with a group of people or an organization about a topic, project, or shared interest. We’ve heard from users that having two different options to organize their spaces can be confusing. To streamline the user experience and accelerate product development, we’re focusing on the model most users prefer: in-line threading. With in-line threading, you can reply to any message and create a separate discussion isolated from the main conversation. In-line threads can be helpful when you want to reply to a specific message or discuss a topic in-depth without disrupting the flow of the main conversation.
Thread panel to create a separate discussion isolated from the main conversation in an in-line threaded space

In-line threaded spaces are more organized, making it easier for you to: 

  • Scan and understand what’s being discussed in the space 
  • Browse all topics via the active thread navigation panel 
  • Find and follow the most relevant topics and conversations

Additional details 

All spaces created on or after March 13, 2023, will be in-line threaded. Starting on that date, the option to “Organize the conversation by topic” will no longer be visible when users create a new space.

Getting started 

Rollout pace 

Availability 

  • Available to all Google Workspace customers, as well as legacy G Suite Basic and Business customers 
  • Not available to users with personal Google Accounts

Resources

Save time with suggested work locations in Google Calendar

What’s changing 

Since announcing the ability to share where you’re working from directly on Google Calendar, we’ve introduced features that enable better planning around in-person collaboration and meeting coordination, especially in a hybrid work environment. A few include: 

Today, we’re adding an update that helps you easily define your work location much quicker with suggested working locations based on your recent locations. 

Getting started 

Rollout pace 

Availability 

  • Available to Google Workspace Business Standard, Business Plus, Enterprise Standard, Enterprise Plus, Education Fundamentals, Education Plus, Education Standard, Teaching & Learning Upgrade, and Nonprofits, as well as legacy G Suite Business customers 
  • Not available to Google Workspace Essentials, Business Starter, Enterprise Essentials, Frontline, and legacy G Suite Basic customers 
  • Not available to users with personal Google Accounts 

Resources 

Google Workspace Updates Weekly Recap – February 24, 2023

4 New updates

Unless otherwise indicated, the features below are fully launched or in the process of rolling out (rollouts should take no more than 15 business days to complete), launching to both Rapid and Scheduled Release at the same time (if not, each stage of rollout should take no more than 15 business days to complete), and available to all Google Workspace and G Suite customers.


View your peripheral devices directly in the Google Meet green room
Before joining a Google Meet meeting, you’ll be able to instantly check which of your peripheral devices are available and connected. You can still view your peripheral devices via the settings menu, but this update makes it easier to select equipment or identify potential issues. | This is now available. | Learn more.
Improvements to sales and customer service integrations in Google Chat
Third-party sales tool Salesforce and customer service tool Zendesk are now better integrated with Google Chat, using the updated Salesforce and Zendesk Chat apps. The Salesforce Chat app now allows you to more easily search and share Salesforce records into the Chat stream. The Zendesk Chat app provides improved notifications of updates to Zendesk tickets into Chat, including the ability to update and reassign tickets. Installing these apps provides simpler access to your sales and customer service workflows directly in Chat. | This is now available. | Learn more
Improved Chat, Meet, and Gmail experience on Android foldable devices and tablets 
As part of our mission to provide a top-class user experience on large screen devices, Chat and Meet will now support a 2-pane view on Android foldable devices and tablets. Gmail will continue to support a 2-pane view when the device is in landscape orientation. The new layout will make it easier to browse emails, view chats, and participate in meetings. | This is now available. 
Optimized zoom experience for Google Sheets on Android devices
In continuing our efforts to enhance the Google Workspace experience on Android devices, we’re introducing an improved zoom scale experience when using Google Sheets on Android devices. Upon opening the Sheets app, zoom scales are now different based on your device type. | Rolling out to Rapid Release domains now; launch to Scheduled Release domains planned for mid March, 2023.

Previous announcements

The announcements below were published on the Workspace Updates blog earlier this week. Please refer to the original blog posts for complete details.

Introducing Trusted Types in Google Workspace
We’re improving the client-side security of Google Docs, Sheets, Slides, Forms, Sites, Jamboard, Drawings, and Drive with Trusted Types. This will provide an extra layer of protection around Document Object Model (DOM) APIs that are used by the apps listed above or third-party extensions. | Learn more
Introducing new smart canvas features in Google Sheets and Google Docs
We’re introducing even more smart chips and a new way to display dates across Google Sheets that will make it easier for you to quickly preview and interact with dates, locations, and financial information. We’re also adding a stopwatch chip to Google Docs that can track how long it takes to complete an activity, helping you stay on task and on time. | Learn more

Completed rollouts

The features below completed their rollouts to Rapid Release domainsScheduled Release domains, or both. Please refer to the original blog post for additional details.