WebProNews

Category: CybersecurityUpdate

CybersecurityUpdate

  • ServiceNow Expands Microsoft Partnership to Protect Data

    ServiceNow Expands Microsoft Partnership to Protect Data

    ServiceNow is extending its partnership with Microsoft to help protect organization’s data.

    ServiceNow provides a cloud-based, SaaS platform that provides workflows for organizations. As pandemic and post-pandemic hybrid workflows become the norm, secure, digital workflows are more important than ever.

    The company is expanding its partnership with Microsoft to include Microsoft Azure Sentinel, Microsoft Threat & Vulnerability Management, Microsoft Teams, and Microsoft SharePoint. The integration will allow data from Microsoft’s service to be pulled into ServiceNow for analysis.

    “Nearly 80 percent of the Fortune 500 rely on ServiceNow’s ‘platform of platforms’,” said Lou Fiorello, VP & GM of Security Products, ServiceNow. “More and more, customers are seeing the value of running security operations processes on the platform, leveraging enterprise business context, and automating workflows across the enterprise in real‑time. The powerful new integrations announced today tie Microsoft’s security products into the ServiceNow Security Operations ecosystem, helping security teams gain the context needed to prioritize and act on security incidents faster and more efficiently than ever.”

    “In an increasingly hostile world, the only real competition is the bad actors and nation state adversaries,” said Eric Doerr, VP Cloud Security at Microsoft Corp. “Our integrations with Microsoft Security Solutions and ServiceNow Security Operations products enables customers to gain system‑wide visibility, automate security workflows, and respond rapidly to incidents to build a safer and more secure world for all.

  • Kaseya Has Obtained Ransomware Unlock Key

    Kaseya Has Obtained Ransomware Unlock Key

    The target of the largest ransomware attack in history has obtained the key to unlock impacted systems.

    Kaseya makes IT management software used by companies around the world. As a result, it’s a tempting target for hackers, since compromising its software can potentially compromise thousands of its clients and their clients. This most recent attack compromised as many as 1,500 customers around the world.

    REvil, the gang believed to be behind the ransomware, went dark in the aftermath of the attack. According to The Washington Post, Kaseya has now received the unlock key from a “trusted third party.” The company has verified the universal decryptor key works, and is rolling it out to customers.

    The news is a welcome relief to the victims of the attack, and should speed up their recovery.

  • DuckDuckGo Testing Email Protection Service

    DuckDuckGo Testing Email Protection Service

    DuckDuckGo is testing a new email protection feature, designed to combat email trackers.

    Many emails, up to 70% of them in fact, contain trackers that tell the sender when, where and on what device the email was opened. The data is also used to build profiles, to coordinate with other ad services, such as those on websites.

    DuckDuckGo is looking to challenge this with its new Email Protectionservice.

    We’re excited to announce the beta release of DuckDuckGo’s Email Protection. Our free email forwarding service removes email trackers and protects the privacy of your personal email address without asking you to change email services or apps.

    Users sign up for an @duck.com email address and use it as the address they give out to others. DuckDuckGo strips out any trackers from emails sent to the address, and then forward it on to the person’s main address — all without saving anything.

    The service sounds like an excellent option for privacy-conscious users, made by a company that has built its reputation on protecting user privacy.

    The service is currently in beta. Those interested can sign up via the iOS or Android DuckDuckGo app by selecting Settings > Beta Features > Email Protection > Join the Private Waitlist.

  • US and Allies Accuse China of Being Behind Microsoft Hack

    US and Allies Accuse China of Being Behind Microsoft Hack

    The US and its allies have accused China of exploiting a Microsoft vulnerability before it could be patched.

    The People’s Republic of China (PRC) has a long history of turning a blind eye to hackers and ransomware groups. The Biden administration is holding PRC’s feet to the fire, calling out state-sponsored hacking.

    “The United States is deeply concerned that the PRC has fostered an intelligence enterprise that includes contract hackers who also conduct unsanctioned cyber operations worldwide, including for their own personal profit,” reads the US statement. “As detailed in public charging documents unsealed in October 2018 and July and September 2020, hackers with a history of working for the PRC Ministry of State Security (MSS) have engaged in ransomware attacks, cyber enabled extortion, crypto-jacking, and rank theft from victims around the world, all for financial gain.”

    The statement is one of the strongest denunciations of PRC’s involvement with international hacking.

    “The PRC’s pattern of irresponsible behavior in cyberspace is inconsistent with its stated objective of being seen as a responsible leader in the world. Today, countries around the world are making it clear that concerns regarding the PRC’s malicious cyber activities is bringing them together to call out those activities, promote network defense and cybersecurity, and act to disrupt threats to our economies and national security.”

    It remains to be seen what will come of the situation, but it will likely continue to play a part in the trade war between China and the US. The war reached its height under the Trump administration, but the Biden administration has been slow to roll back some of the measures taken by the previous one.

    With these new revelations, it wouldn’t be surprising fo the US to take further action against Chinese corporations. In the meantime, the US is working to increase cybersecurity defense, both in the public and private sector.

  • AWS Bans NSO Group Behind Pegasus Spyware Used Against Journalists

    AWS Bans NSO Group Behind Pegasus Spyware Used Against Journalists

    Amazon Web Services has shut down the accounts of Israeli surveillance firm NSO Group, following explosive revelations of its software being used to target activist and journalists.

    The Washington Post reported that NSO Group’s software, which is normally used to combat terrorists and criminals, “was used in attempted and successful hacks of 37 smartphones belonging to journalists, human rights activists, business executives and two women close to murdered Saudi journalist Jamal Khashoggi.”

    The reaction has been swift and severe, with the company pledging to investigate the incidents. Nonetheless, Motherboard has reported that AWS is shutting down accounts linked to the Israeli company.

    “When we learned of this activity, we acted quickly to shut down the relevant infrastructure and accounts,” an AWS spokesperson told Motherboard in an email.

    This issue is a potential minefield for AWS, since a forensic report by Amnesty International shows NSO Group recently started using AWS services, with captured data from its software being sent to a service on Amazon CloudFront.

    Given the accusations against NSO Group — especially targeting human rights activists and journalists — it’s likely AWS’ response won’t be the last repercussions the company faces.

  • US Offers $10 Million Reward for Information on ‘Foreign Malicious Cyber Activity’

    US Offers $10 Million Reward for Information on ‘Foreign Malicious Cyber Activity’

    The US is ramping up its fight against cybercriminals, especially those who are state-sponsored, offering a $10 million reward for information.

    Cybersecurity has become the new battleground of the 21st century. To make matters worse, many hacking groups are state-sponsored, as a successful cyberattack carries far less risk for a hostile government than open confrontation.

    The US has been rocked by multiple ransomware attacks, including against critical infrastructure. The Colonial Pipeline attack had a devastating impact on the East Cost fuel supply, the attack against JBS threatened the food chain and the Kaseya attack is believed to have up to 1,500 victims. 

    The State Department is fighting back, using its Rewards for Justiceprogram to offer “a reward of up to $10 million for information leading to the identification or location of any person who, while acting at the direction or under the control of a foreign government, participates in malicious cyber activities against U.S. critical infrastructure in violation of the Computer Fraud and Abuse Act (CFAA).”

    To protect anyone having information, Rewards for Justice has set up a Dark Web, Tor-based method for reporting tips.

    For more information, visit www.rewardsforjustice.net.

  • NortonLifeLock In Advanced Talks to Buy Avast

    NortonLifeLock In Advanced Talks to Buy Avast

    Two of the leaders in the cybersecurity software market are in advanced merger talks, according to reports.

    NortonLifeLock and Avast are two of the most well-known makers of cybersecurity software. Norton has been a common name in the market for decades, while Avast made a name for itself as a freemium alternative.

    According to The Wall Street Journal the two companies are already in advanced talks for a deal that could value Avast as high as $8 billion. The deal could be completed as early as this month, provided no deal-breaking issues arise.

    Should Norton succeed in purchasing Avast, the combined company would be a behemoth in the industry, and put tremendous pressure on rivals.

  • DOJ and DHS Launch Website to Help Ransomware Victims

    DOJ and DHS Launch Website to Help Ransomware Victims

    The Department of Justice (DOJ) and the Department of Homeland Security (DHS) have launched StopRansomware.gov as a one-stop cybersecurity resource.

    Ransomware has become one of the leading cybersecurity threats, impacting businesses, organizations and agencies of all sizes. The most recent Kaseya attack, believed to be the largest ever, illustrated the growing dangers of an inter-connected tech industry. Because Kaseya makes software used in managed services, as many as 1,500 customers were impacted.

    The DOJ and DHS have created StopRansomware.gov in an effort to help companies protect themselves from ransomware, as well as mitigate the impacts should an attack occur. The site will also serve as a place to keep current with news and threat alerts.

    “The Department of Justice is committed to protecting Americans from the rise in ransomware attacks that we have seen in recent years,” said Attorney General Merrick B. Garland of the Justice Department. “Along with our partners in and outside of government, and through our Ransomware and Digital Extortion Task Force, the Department is working to bring all our tools to bear against these threats. But we cannot do it alone. It is critical for business leaders across industries to recognize the threat, prioritize efforts to harden their systems and work with law enforcement by reporting these attacks promptly.”

    “As ransomware attacks continue to rise around the world, businesses and other organizations must prioritize their cybersecurity,” said Secretary Alejandro Mayorkas for the Department of Homeland Security. “Cyber criminals have targeted critical infrastructure, small businesses, hospitals, police departments, schools and more. These attacks directly impact Americans’ daily lives and the security of our nation. I urge every organization across our country to use this new resource to learn how to protect themselves from ransomware and reduce their cybersecurity risk.”

    StopRansomware.gov should be a resource in every security professional’s toolbox.

  • Experts Warn of Ongoing Danger Despite REvil Going Dark

    Experts Warn of Ongoing Danger Despite REvil Going Dark

    Ransomware gang REvil may have gone dark, with its sites offline, but experts are warning against becoming complacent.

    REvil has been behind two recent, high-profile ransomware attacks. The group was behind the attack that crippled JBS, one of the world’s leading meat processors. They were also behind the largest-ever ransomware attack on Kaseya.

    REvil appears to have gone dark, with all of its websites going offline. Some believe the group may have received a subpoena, prompting the group to erase their servers in an effort to avoid prosecution.

    Despite the apparent good news, cybersecurity experts are warning against becoming complacent, as it’s only a matter of time before the group, or at least its members, resurface.

    Toshihiro Koike, CEO of Cyber Security Cloud Inc. (CSC), the provider of the only service on the market that automatically builds, tests and tunes AWS rules and continuously defends against zero-day threats, on the recent news that the REvil hacking group disappeared this afternoon. 

    “It doesn’t matter if REvil’s sites have gone dark; the threat of ransomware attacks is constant and the players will just re-emerge elsewhere,” Toshihiro Koike, CEO of Cyber Security Cloud Inc, told WebProNews. “Now is the time for companies to re-evaluate their systems and become proactive about cybersecurity. Every company on Earth is vulnerable to a debilitating ransomware attack, so what are you going to do about it?”

    Koike’s warning should be a sobering reminder to companies large and small to continue securing their networks and services.

  • REvil Ransomware Gang Goes Dark, Puzzling Experts

    REvil Ransomware Gang Goes Dark, Puzzling Experts

    The REvil ransomware gang, behind the Kaseya attack, has gone dark and its websites have gone offline.

    REvil successfully pulled off the biggest ransomware attack in history, targeting Kaseya’s software used in managed services around the world. The gang originally demanded a $70 million ransom, later lowering it to $50 million in private talks.

    Despite the gang’s success, or perhaps because of it, the REvil gang appears to have gone dark. Its websites, including the one used as its “leak site,” have all shut down.

    As BleepingComputer points out, it’s not uncommon for some REvil servers to go down, but it’s highly irregular for all of them to go down at once. BleepingComputer also cites evidence to suggest REvil may have shut down and erased their servers in response to a government subpoena.

    It’s believed REvil has been operating out of Russia, and the code in its ransomware seems to specifically avoid computer systems where Russian languages are primary. Nonetheless, President Joe Biden has been putting additional pressure on Vladimir Putin to take action against cybercriminals operating within Russia’s borders.

    “I made it very clear to him that the United States expects when a ransomware operation is coming from his — even though it’s not sponsored by the state — we expect him to act if we give him enough information to act on who that is,” Biden told reporters, regarding a call he had with Putin.

  • Kaseya Had a History of Security Issues Before Ransomware Attack

    Kaseya Had a History of Security Issues Before Ransomware Attack

    Software firm Kaseya had a history of security issues long before the latest one that allowed the biggest ransomware attack in history to occur.

    Kaseya went from relative obscurity to being one of the most well-known software firms in the world, thanks to being ground zero for the worst ransomware attack in history. Kaseya makes software used for managed services. As such, it made for a prime target, since compromising its software would open the door to compromising all the companies that rely on its services. Indeed, as many as 1,500 customers were believed to have been impacted.

    What has become more apparent since the attack, however, is that Kaseya had a history of security issues, issues that likely made it an even more appealing target. According to The Seattle Times, hackers managed to plant “cryptojacking” software in Kaseya’s tool in 2018, hijacking affected computers for crypto mining.

    In 2019, the company’s software was used in another ransomware attack. Experts believe the perpetrators included individuals that later went on to form REvil, the group behind the latest attack. Their experience successfully compromising Kaseya two years ago may very well have played a part in their recent decision-making.

    In 2014, the company’s founders sued the company over a dispute about who was responsible for another cryptocurrency scheme.

    To make matters worse, none of the security issues Kaseya experienced were some obscure, hard-to-predict issues. In fact, they were all well-understood issues that could have been easily addressed sooner.

    “Kaseya needs to shape up, as does the entire software industry,” Katie Moussouris, the founder and CEO of Luta Security, told The Seattle Times. “This is a failure to incorporate the lessons the bugs were teaching you. Kaseya, like a lot of companies, is failing to learn those lessons.”

    As more companies continue to rely on cloud services, a single vulnerability can have profound repercussions, impacting thousands of companies. As a result, companies that provide managed services will need to make security their number one priority if they wish to avoid Kaseya’s pitfalls.

  • Microsoft Purchasing RiskIQ to Improve Hybrid Work Cybersecurity

    Microsoft Purchasing RiskIQ to Improve Hybrid Work Cybersecurity

    Microsoft has entered an agreement to purchase RiskIQ in an effort to improve hybrid work cybersecurity.

    The COVID-19 pandemic has forever altered the workforce, leading many companies to speed up their adoption of remote and hybrid work strategies. Despite the benefits of this approach, cybersecurity can pose additional challenges as people work remotely, often using personal computers and devices.

    Microsoft is acquiring RiskIQ to help address this shortcoming, as RiskIQ provides a cloud-based SaaS cybersecurity platform. The company helps companies provide security beyond the firewall, analyzing and assessing the overall attack surface of the entire organization. This includes a company’s cloud resources, on-premise resources and supply chains.

    “The vision and mission of RiskIQ is to provide unmatched internet visibility and insights to better protect and inform our customers and partners’ security programs,” said RiskIQ Cofounder and CEO Elias Manousos. “We’re thrilled to add RiskIQ’s Attack Surface and Threat Intelligence solutions to the Microsoft Security portfolio, extending and accelerating our impact. Our combined capabilities will enable best-in-class protection, investigations, and response against today’s threats.”

    The terms of the deal were not disclosed.

  • Kaseya Has Fully Restored Servers Following Ransomware Attack

    Kaseya Has Fully Restored Servers Following Ransomware Attack

    Software company Kaseya, at the heart of the largest ransomware attack in history, says its services have now been fully restored.

    Kaseya’s software was the target of a ransomware attack by the REvil group. Because Kaseya’s software is used in managed services around the world, as many as 1,500 customers were believed to have been impacted.

    The company has been working hard to restore services, and today announced they have succeeded.

    The restoration of services is now complete, with 100% of our SaaS customers live as of 3:30 AM US EDT. Our support teams continue to work with VSA On-Premises customers who have requested assistance with the patch.

    We will continue to post updates as new information becomes available.

    The attack on Kaseya illustrates the growing cybersecurity issues involved in an ever-connected software industry, where thousands of companies rely on common frameworks, services and applications. Rather than attack each company one-by-one, attacking a common service allowed REvil to cripple far more companies than could be realistically targeted in the same time.

  • Microsoft Has Paid $13.6 Million in Bug Bounties in Last Year

    Microsoft Has Paid $13.6 Million in Bug Bounties in Last Year

    Microsoft has disclosed the results of its bug bounty program, including the fact that it paid $13.6 million in bounties over the last year.

    Most major companies offer bounties for security researchers who find and report major bugs. Microsoft has long made use of bug bounties as a way to secure its products and services.

    According to the Microsoft Security Response Center (MSRC) Team, the company paid $13.6 million to dozens of researchers around the globe.

    Over the past 12 months, Microsoft awarded $13.6M in bug bounties to more than 340 security researchers across 58 countries. The largest award was $200K under the Hyper-V Bounty Program. With an average of more than $10,000 USD per award across all programs, each of the over 1,200 eligible reports reflect the talent and creativity of the global security research community and their invaluable partnership in addressing the challenges of a constantly changing security environment.

    The MSRC Team credits the success of the last year to a revamping of the program that puts greater emphasis on the highest impact bugs.

  • Former DHS CISA director Chris Krebs Will Headline SECtember

    Former DHS CISA director Chris Krebs Will Headline SECtember

    The Cloud Security Alliance has announced that former DHS CISA director Chris Krebs will be the feature speaker at the upcoming SECtember event.

    The Cloud Security Alliance is focused on developing best practices, certifications and standards to help the cloud industry provide the necessary security. SECtember is the Alliance’s “first global event dedicated to the intersection of cloud and cybersecurity.” 

    Thought leaders from five continents are expected to attend the conference and benefit from the seminars, briefings and training sessions.

    Chris Krebs, the former director of the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA), will be the featured speaker at the event. Prior to his role at CISA, Krebs had other roles at DHS, directed US cybersecurity policy at Microsoft, served in the George W. Bush administration and advised industry and government clients on cybersecurity.

    “During his time leading CISA, Chris successfully elevated the security posture of our country’s most critical cyber infrastructure, and today, he continues to lead the charge to ensure that both the private and public sectors are fortified against escalating cyberattacks,” said Jim Reavis, co-founder and CEO, Cloud Security Alliance. “We are thrilled to have him join us at SECtember this year. His unfailing commitment to our national security, despite very challenging circumstances, serves as inspiration to us all.”

    SECtember is scheduled to take place September 13 – 17, at the Meydenbauer Center in Bellevue, Washington. Interested parties should register here.

  • Microsoft Patching ‘PrintNightmare’ Vulnerability

    Microsoft Patching ‘PrintNightmare’ Vulnerability

    Microsoft is patching the PrintNightmare vulnerability, following a botched disclosure of the zero-day exploit.

    PrintNightmare is an exploit that targets the Windows Print Spooler. Researchers at Sangfor accidentally released the proof-of-concept code, mistakenly believing Microsoft had already patched the vulnerability, according to The Verge. Despite quickly deleting the code, it had already been forked and was in the wild. PrintNightmare allows an attacker to install programs, create new accounts with admin rights and modify data.

    Microsoft has since announced the vulnerability is being actively exploited, and has said all version of Windows are impacted. In response to the situation, Microsoft has issued emergency patches, including to the now defunct Windows 7, indicating the severity of the vulnerability.

    Microsoft has completed the investigation and has released security updates to address this vulnerability. Please see the Security Updates table for the applicable update for your system. We recommend that you install these updates immediately. If you are unable to install these updates, see the FAQ and Workaround sections in this CVE for information on how to help protect your system from this vulnerability.

  • Kaseya Ransomware Victims May Reach 1,500

    Kaseya Ransomware Victims May Reach 1,500

    Kaseya has acknowledged as many as 1,500 businesses may have been impacted by the ransomware attack targeting its software.

    On July 2, Kaseya began learning of a coordinated attack against its software. Kaseya makes IT management software, and its customers provide managed IT services to somewhere between 800,000 and 1,000,000 small businesses.

    The company says it immediately shut down the software being targeted, although an estimated 800 to 1,500 businesses have been compromised.

    “Our global teams are working around the clock to get our customers back up and running,” said Fred Voccola, CEO, Kaseya. “We understand that every second they are shut down, it impacts their livelihood, which is why we’re working feverishly to get this resolved.”

    The perpetrators appear to be the REvil gang, most recently responsible for the ransomware attack on meat processor JBS. That attack resulted in JSB paying an $11 million ransom to prevent excessive strain on the world’s meat supply.

    In this case, the group initially demanded a $70 million ransom. According to CNBC, REvil has privately lowered the demand to $50 million.

  • Twitter Adds Support for Security Keys for 2FA

    Twitter Adds Support for Security Keys for 2FA

    Twitter has added support for security keys to support two-factor authentication (2FA).

    2FA is widely considered to be an important step in securing accounts and information. With 2FA enabled, a user does not gain immediate access to their account when they log in using their username and password. Instead, they are required to take an additional step, such as confirming the login via their phone or other device, providing a fingerprint or using a security key.

    A security key has some distinct advantages over other forms of 2FA, as Twitter highlights in their blog.

    Security keys are small devices that act like keys to your house. Just as you need a physical key to unlock the door to your home, you need a security key to unlock access to your account. Security keys offer the strongest protection for your Twitter account because they have built-in protections to ensure that even if a key is used on a phishing site, the information shared can’t be used to access your account. They use the FIDO and WebAuthn security standards to transfer the burden of protecting against phishing attempts from a human to a hardware device. Security keys can differentiate legitimate sites from malicious ones and block phishing attempts that SMS or verification codes would not.

    For the time being, security keys will only work with Twitter.com, not the mobile apps. Nonetheless, the new feature is an important step in security Twitter accounts.

  • T-Mobile Verizon and AT&T Complete STIR/SHAKEN Implementation

    T-Mobile Verizon and AT&T Complete STIR/SHAKEN Implementation

    T-Mobile and Verizon have both announced they have fully implemented the STIR/SHAKEN protocol to combat scams, meeting the FCC’s deadline.

    The Federal Communications Commission set June 30th as the deadline to implement the STIR/SHAKEN protocols for the largest wireless carriers. The protocols provide a framework for a carrier to verify the authenticity of a call, pass that on to the next carrier(s) for verification, and then pass on the verification to the recipient phone. When the call comes through, the recipient will see whether the number is verified or suspect.

    The protocols are designed to help fight scammers and robocallers that often mask their phone number to make it appear as if they’re calling from the same area code or exchange as the recipient. This can create a false sense of security, as the recipient believes the call is local.

    T-Mobile and Verizon have both fully implemented STIR/SHAKEN, providing their customers an extra layer of protection.

    “Number Verification, along with Caller ID, and the scam identification and blocking tools in Scam Shield, gives our customers the industry’s most comprehensive free scam and spam protection,” said Jon Freier, Executive Vice President, T-Mobile Consumer Group at T-Mobile​. “We were first to implement number verification in 2019 and today, all calls originating on the T-Mobile network are 100% STIR/SHAKEN compliant, giving our customers peace of mind that their calls are protected against scammers and spammers.”

    While not issuing a press release, as T-Mobile and Verizon did, AT&T did confirm to The Verge that it has also met the FCC’s deadline.

  • Data for 700 Million LinkedIn Users for Sale Online

    Data for 700 Million LinkedIn Users for Sale Online

    Data for some 700 million LinkedIn users is for sale online, just two months after another major dataset was up for sale.

    According to LinkedIn, the platform has some 756 million members. As a result, the latest dataset represents roughly 92% of all users. The hacker selling the information says an API was exploited to harvest the data, according to RestorePrivacy.

    LinkedIn has responded, saying the information was scraped, and that no data breach occurred.

    Our teams have investigated a set of alleged LinkedIn data that has been posted for sale. We want to be clear that this is not a data breach and no private LinkedIn member data was exposed. Our initial investigation has found that this data was scraped from LinkedIn and other various websites and includes the same data reported earlier this year in our April 2021 scraping update.

    The data includes a significant amount of information, including LinkedIn usernames, full names, email addresses, phone numbers, physical addresses, gender, experience and background, geolocation records and social media accounts/usernames.

    Regardless of how the data was collected, the implications are enormous with 92% of LinkedIn users now vulnerable to spam campaigns and identity theft.

  • Google Drive and YouTube Links Impacted by Google Security Changes

    Google Drive and YouTube Links Impacted by Google Security Changes

    A Google security update is about to impact Google Drive and YouTube public links, including Unlisted ones.

    Google Drive and YouTube both use links to share files and videos. In the case of YouTube, Unlisted videos are publicly available, but not indexed by the platform’s search. As a result, a link is needed to access the video.

    Google has been working to improve the security of its sharing links, and the improved security will lead to some of those old links breaking. The company highlighted the changes to Google Drive on its Google Workspace blog.

    This security update is being applied to some files in Google Drive to make sharing links more secure. The update will add a resource key to sharing links. Once the update has been applied to a file, users who haven’t viewed the file before will have to use a URL containing the resource key to gain access, and those who have viewed the file before or have direct access will not need the resource key to access the file.

    Admins can use Google’s Help Center to learn more about the update, its impacts and how to manage it across an organization.

    Similarly, YouTube outlined how Unlisted video links will be impacted.

    As part of these changes, Unlisted videos uploaded before 2017 will be made Private starting on July 23, 2021. We are also giving creators the option to opt out of this security update and keep their videos in their current state if they prefer. If you have a video that is impacted by this change, we’ll notify you directly.

    Users will have the option of opting out, using this form, by July 23, 2021. Alternatively, users can re-upload their video as Unlisted, switch them to Public or simply let them go Private when the change takes place.