all InfoSec news
Google Cloud Platform allows data exfiltration without a (forensic) trace
Help Net Security www.helpnetsecurity.com
Attackers can exfiltrate company data stored in Google Cloud Platform (GCP) storage buckets without leaving obvious forensic traces of the malicious activity in GCP’s storage access logs, Mitiga researchers have discovered. GCP data exfiltration attack (Source: Mitiga) Covert data exfiltration from GCP buckets In short, the main problem is that GCP’s basic storage logs – which are, by the way, not enabled by default – use the same description/event (objects.get) for different types of access, … More →
The post …
access attack attackers basic cloud cloud platform cloud security covert data data exfiltration data theft don't miss enterprise event exfiltration forensic gcp google google cloud google cloud platform logging logs main malicious mitiga platform problem researchers storage trace traces