all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Google Cloud Platform allows data exfiltration without a (forensic) trace

Add to bookmarks
March 1, 2023, 2:43 p.m. | Zeljka Zorz

Help Net Security www.helpnetsecurity.com

Attackers can exfiltrate company data stored in Google Cloud Platform (GCP) storage buckets without leaving obvious forensic traces of the malicious activity in GCP’s storage access logs, Mitiga researchers have discovered. GCP data exfiltration attack (Source: Mitiga) Covert data exfiltration from GCP buckets In short, the main problem is that GCP’s basic storage logs – which are, by the way, not enabled by default – use the same description/event (objects.get) for different types of access, … More →


The post …

access attack attackers basic cloud cloud platform cloud security covert data data exfiltration data theft don't miss enterprise event exfiltration forensic gcp google google cloud google cloud platform logging logs main malicious mitiga platform problem researchers storage trace traces

Visit resource

More from www.helpnetsecurity.com / Help Net Security

Bug hunters can get up to $450,000 for an RCE in Google’s Android apps 10 hours ago | www.helpnetsecurity.com
android android apps app apps +17
Trellix Wise automates security workflows with AI, streamlining threat detection and remediation 12 hours ago | www.helpnetsecurity.com
artificial artificial intelligence cyber cyber risk +21
Microsoft, Google widen passkey support for its users 12 hours ago | www.helpnetsecurity.com
account protection authentication awareness bitwarden +18
Cyble Vision X covers the entire breach lifecycle 13 hours ago | www.helpnetsecurity.com
access artificial artificial intelligence aspect +23
BlackBerry CylanceMDR improves cybersecurity defensive strategy 13 hours ago | www.helpnetsecurity.com
address advanced ai platform amp +28
FortiGate 200G series boosts campus connectivity for Wi-Fi 7 14 hours ago | www.helpnetsecurity.com
ai-powered campus connectivity firewall +15
Nokod Security Platform secures low-code/no-code development environments and apps 14 hours ago | www.helpnetsecurity.com
applications apps automations code +23
Lenovo launches AI-based Cyber Resiliency as a Service 15 hours ago | www.helpnetsecurity.com
copilot copilot for security cyber cyber protection +24
Edgio ASM reduces risk from web application vulnerabilities 15 hours ago | www.helpnetsecurity.com
application application vulnerabilities asm assets +33

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Senior Security Specialist, Forsah Technical and Vocational Education and Training (Forsah TVET) (NEW)

@ IREX | Ramallah, West Bank, Palestinian National Authority
View on infosec-jobs.com

Consultant(e) Junior Cybersécurité

@ Sia Partners | Paris, France
View on infosec-jobs.com

Senior Network Security Engineer

@ NielsenIQ | Mexico City, Mexico
View on infosec-jobs.com

Senior Consultant, Payment Intelligence

@ Visa | Washington, DC, United States
View on infosec-jobs.com

Corporate Counsel, Compliance

@ Okta | San Francisco, CA; Bellevue, WA; Chicago, IL; New York City; Washington, DC; Austin, TX
View on infosec-jobs.com

Security Operations Engineer

@ Samsara | Remote - US
View on infosec-jobs.com
View more jobs