Security Advisory: Insufficient Forensic Visibility in GCP Storage

Originally published by Mitiga. Written by Veronica Marinov. Overview As part of Mitiga’s research into cloud attacks and forensics, we have been examining potential data exfiltration techniques in GCP (Google Cloud Platform) and how to identify and investigate them. During this research, we discovered a significant forensic security deficiency in Google Cloud Storage that enables a threat actor to exfiltrate in a covert manner. One of the most common attack vectors used by threat actors righ...

actor advisory attack attacks attack vectors cloud cloud platform cloud storage covert data data exfiltration exfiltration forensic forensics forensic security gcp google google cloud google cloud platform identify mitiga platform research security security advisory storage techniques threat threat actor visibility