Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://cyberplace.social/users/GossiTheDog/statuses/114269518819861266">Kevin Beaumont (gossithedog@cyberplace.social)'s status on Thursday, 03-Apr-2025 02:21:39 JST</a><a href="https://cyberplace.social/@GossiTheDog" title="gossithedog@cyberplace.social"><img src="https://gnusocial.jp/avatar/38360-48-20250225114715.webp" width="48" height="48" alt="Kevin Beaumont" style="position: absolute; left: 0; top: 0;">Kevin Beaumont</a><div><a href="https://cyberplace.social/@GossiTheDog/114269277397700711" rel="in-reply-to">in reply to</a></div></section><article><p>100% on this one, seen all the time on real world incidents. </p><p>Problem: somebody got a password for an account and nobody knows how. </p><p>How: the business user signed into their personal Google account in Chrome at work, which synced all their bookmarks and saved passwords to Google. Then they switched on their home PC, Chrime synced, and infostealer took all the details</p><p>Solution: Google Chrome ADMX, and set Group Policy to turn off personal account sign in with Chrome. </p><p> <a href="https://infosec.exchange/@Walker/114268652560517693" rel="nofollow noreferrer">https://infosec.exchange/@Walker/114268652560517693</a></p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/4832480#notice-9467060">In conversation</a><time datetime="2025-04-03T02:21:39+09:00" title="Thursday, 03-Apr-2025 02:21:39 JST">about 20 days ago</time> <span>from <span><a href="https://cyberplace.social/@GossiTheDog/114269518819861266" rel="external" title="Sent from cyberplace.social via ActivityPub">cyberplace.social</a></span></span><a href="https://cyberplace.social/@GossiTheDog/114269518819861266">permalink</a><h4>Attachments</h4><ol><li><article><header><div>No result found on File_thumbnail lookup.</div><h5><a href="https://infosec.exchange/@Walker/114268652560517693">Walker (@Walker@infosec.exchange)</a></h5><div> from <span>Walker</span></div></header><div>@GossiTheDog@cyberplace.social The larger problem for corporations is browser sync for passwords, login cookies and tokens, and other sensitive data. Home PCs do not have advanced EDR and if it gets compromised that could expose corporate resources.</div><footer></footer></article></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Thursday, 03-Apr-2025 02:21:39 JST Kevin Beaumont
in reply to
100% on this one, seen all the time on real world incidents.
Problem: somebody got a password for an account and nobody knows how.
How: the business user signed into their personal Google account in Chrome at work, which synced all their bookmarks and saved passwords to Google. Then they switched on their home PC, Chrime synced, and infostealer took all the details
Solution: Google Chrome ADMX, and set Group Policy to turn off personal account sign in with Chrome.
https://infosec.exchange/@Walker/114268652560517693
In conversationabout 20 days ago from cyberplace.socialpermalink
Attachments
1. No result found on File_thumbnail lookup.
  Walker (@Walker@infosec.exchange)
  from Walker
  @GossiTheDog@cyberplace.social The larger problem for corporations is browser sync for passwords, login cookies and tokens, and other sensitive data. Home PCs do not have advanced EDR and if it gets compromised that could expose corporate resources.

Public

Embed Notice

HTML Code

Corresponding Notice