The Anatomy of a Google Cloud (GCP) Cryptomining Attack - Default Service Account Compromise | allinfosecnews.com

Jan. 17, 2023, 2 p.m. | Day Cyberwox

CYBERWOX www.youtube.com

GCP Service Accounts are interesting cloud identities. Let's go over how they led to a Cryptomining Attack in this Attack Case.

Report: https://unit42.paloaltonetworks.com/compromised-cloud-compute-credentials/

_____________
🧬 VIDEO RESOURCES

🔹How A Compromised AWS Lambda Function Led to a Phishing Attack: https://youtu.be/rdwl49cN3Vk
🔹GCP Lateral Movement & PrivEsc: https://www.youtube.com/watch?v=Ml09R38jpok
🔹GCP Service Accounts: https://cloud.google.com/compute/docs/access/service-accounts
🔹 DEFCON 30 Cloud Village - Weather Proofing GCP Defaults: https://www.youtube.com/watch?v=7t29F8nIAt8
🔹GCP IAM basic and predefined roles reference: https://cloud.google.com/iam/docs/understanding-roles

_____________
💼 CAREER RESOURCES

🔹Check out these Cybersecurity Notion Templates for planning …

access account account compromise accounts attack career case cloud compromise credentials cryptomining default defense detection escalation evasion firewall flow gcp google google cloud identities initial access led modification opportunity permission privilege privilege escalation resources service service accounts stolen video work

More from www.youtube.com / CYBERWOX

Cybersecurity Hiring Managers Share Secrets On Getting Hired #cybersecurity 21 hours ago | www.youtube.com

academy affiliate cloud cloudcomputing +21

SANS Cybersecurity Certifications: Do You Really Need Them? #cybersecurity #sans 1 day, 21 hours ago | www.youtube.com

academy affiliate certifications cloud +19

Cybersecurity Manager Shares Opinion on GIAC GCIH, GCIA & GCFA (SANS) 2 days, 21 hours ago | www.youtube.com

academy affiliate cloud cloudcomputing +26

Cybersecurity Engineering Skills You Need To Get Hired #cybersecurity 3 days, 21 hours ago | www.youtube.com

academy affiliate cloud cloudcomputing +19

Skills and Experience Needed For Cybersecurity 4 days, 21 hours ago | www.youtube.com

academy affiliate cloud cloudcomputing +20

I Asked Cybersecurity Managers How To Get Hired 5 days, 21 hours ago | www.youtube.com

certification cybersecurity detection engineer +10

Python Strings, Variables & Inputs ~ Python for Cybersecurity 1 1 week, 5 days ago | www.youtube.com

academy cloud cloudcomputing cloudsecurity +23

Cybersecurity Training For Beginners & Everyone Else #cybersecurity 2 weeks, 1 day ago | www.youtube.com

academy affiliate beginners cloud +20

Learn Cybersecurity FASTER in 2024 - Trainings, Certifications & Courses 2 weeks, 5 days ago | www.youtube.com

amp analysis beginners blue +25

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland

View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City

View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL

View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US

View on infosec-jobs.com

Security Compliance Strategist

@ Grab | Petaling Jaya, Malaysia

View on infosec-jobs.com

Cloud Security Architect, Lead

@ Booz Allen Hamilton | USA, VA, McLean (1500 Tysons McLean Dr)

View on infosec-jobs.com