• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
experts reveal google cloud platform's blind spot for data exfiltration

Experts Reveal Google Cloud Platform’s Blind Spot for Data Exfiltration Attacks

You are here: Home / General Cyber Security News / Experts Reveal Google Cloud Platform’s Blind Spot for Data Exfiltration Attacks
March 6, 2023

Malicious actors can consider advantage of “insufficient” forensic visibility into Google Cloud System (GCP) to exfiltrate delicate facts, a new research has observed.

“Sad to say, GCP does not provide the level of visibility in its storage logs that is desired to make it possible for any productive forensic investigation, making companies blind to potential knowledge exfiltration attacks,” cloud incident response business Mitiga stated in a report.

The attack banks on the prerequisite that the adversary is able to achieve command of an identity and obtain administration (IAM) entity in the targeted corporation by procedures like social engineering to obtain the GCP natural environment.

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


The crux of the dilemma is that GCP’s storage obtain logs do not present sufficient transparency with regards to potential file entry and read through gatherings, in its place grouping them all as a single “Object Get” exercise.

“The identical occasion is utilized for a broad wide range of sorts of entry, such as: Studying a file, downloading a file, copying a file to an external server, [and] looking at the metadata of the file,” Mitiga researcher Veronica Marinov reported.

This deficiency of difference could permit an attacker to harvest delicate details without the need of becoming detected, generally since there is no way to differentiate among destructive and respectable consumer action.

Data Exfiltration Attacks

In a hypothetical attack, a threat actor can use Google’s command line interface (gsutil) to transfer worthwhile data from the target organization’s storage buckets to an exterior storage bucket in just the attacker organization.

Find out the Most up-to-date Malware Evasion Ways and Prevention Strategies

Ready to bust the 9 most hazardous myths about file-centered attacks? Join our upcoming webinar and turn into a hero in the struggle versus patient zero bacterial infections and zero-day security gatherings!

RESERVE YOUR SEAT

Google has due to the fact supplied mitigation recommendations, which selection from Virtual Private Cloud (VPC) Support Controls to using organization restriction headers to limit cloud useful resource requests.

The disclosure will come as Sysdig unearthed a subtle attack campaign dubbed SCARLETEEL which is targeting containerized environments to perpetrate theft of proprietary knowledge and software program.

Discovered this article intriguing? Comply with us on Twitter  and LinkedIn to read through far more special written content we article.


Some pieces of this short article are sourced from:
thehackernews.com

Previous Post: «Cyber Security News City of Oakland Faces Major Data Leak
Next Post: Core Members of DoppelPaymer Ransomware Gang Targeted in Germany and Ukraine core members of doppelpaymer ransomware gang targeted in germany and»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Over 269,000 Websites Infected with JSFireTruck JavaScript Malware in One Month
  • Ransomware Gangs Exploit Unpatched SimpleHelp Flaws to Target Victims with Double Extortion
  • CTEM is the New SOC: Shifting from Monitoring Alerts to Measuring Risk
  • Apple Zero-Click Flaw in Messages Exploited to Spy on Journalists Using Paragon Spyware
  • WordPress Sites Turned Weapon: How VexTrio and Affiliates Run a Global Scam Network
  • New TokenBreak Attack Bypasses AI Moderation with Single-Character Text Changes
  • AI Agents Run on Secret Accounts — Learn How to Secure Them in This Webinar
  • Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction
  • Non-Human Identities: How to Address the Expanding Security Risk
  • ConnectWise to Rotate ScreenConnect Code Signing Certificates Due to Security Risks

Copyright © TheCyberSecurity.News, All Rights Reserved.