Attackers can exfiltrate company data stored in Google Cloud Platform (GCP) storage buckets without leaving obvious forensic traces of the malicious activity in GCP’s storage access logs, Mitiga researchers have discovered. GCP data exfiltration attack (Source: Mitiga) Covert data exfiltration from GCP buckets In short, the main problem is that GCP’s basic storage logs – which are, by the way, not enabled by default – use the same description/event (objects.get) for different types of access, … More
The post Google Cloud Platform allows data exfiltration without a (forensic) trace appeared first on Help Net Security.
