Some odd and potentially dangerous behavior within the Google Cloud Platform (GCP) was revealed by cloud security company Mitiga Thursday. If GCP is not configured correctly, it could be exploited by attackers to engage in malicious activity inside a user’s cloud environment, according to a blog posted on the Israeli company’s website.
The behavior is linked to one of the APIs used by Google Cloud. The API allows users to retrieve data from serial ports, but by creating a virtual machine in the cloud, data could also be continuously written to the ports. Moreover, because of the way Google Cloud classifies such traffic, administrators aren’t given much visibility into it. If an attacker were exploiting the behavior, their constant calls to the ports might tip their hand, Mitiga explained, but the malicious activity is likely to be missed by developers unfamiliar with the specifics of the API.
More Stories
Scams Based on Fake Google Emails
Scammers are hacking Google Forms to send email to victims that come from google.com. Brian Krebs reports on the effects....
Infostealers Dominate as Lumma Stealer Detections Soar by Almost 400%
The vacuum left by RedLine’s takedown will likely lead to a bump in the activity of other a infostealers Read...
The AI Fix #30: ChatGPT reveals the devastating truth about Santa (Merry Christmas!)
In episode 30 of The AI Fix, AIs are caught lying to avoid being turned off, Apple’s AI flubs a...
US and Japan Blame North Korea for $308m Crypto Heist
A joint US-Japan alert attributed North Korean hackers with a May 2024 crypto heist worth $308m from Japan-based company DMM...
Spyware Maker NSO Group Found Liable for Hacking WhatsApp
A judge has found that NSO Group, maker of the Pegasus spyware, has violated the US Computer Fraud and Abuse...
Spyware Maker NSO Group Liable for WhatsApp User Hacks
A US judge has ruled in favor of WhatsApp in a long-running case against commercial spyware-maker NSO Group Read More