Last Week in Cloud Security — July 25
July 18 — July 25
Vulnerabilities and Case Studies
ConfusedFunction: A Privilege Escalation Vulnerability Impacting GCP Cloud Functions
Organizations that have used Google Cloud Platform’s Cloud Functions — a serverless execution environment — could be impacted by a privilege escalation vulnerability discovered by Tenable and dubbed “ConfusedFunction.” Read on to learn all about the vulnerability and what your organization needs to do to protect itself.
Critical Docker Engine Flaw Allows Attackers to Bypass Authorization Plugins
Tracked as CVE-2024-41110, the bypass and privilege escalation vulnerability carries a CVSS score of 10.0, indicating maximum severity.
Container Breakouts: Escape Techniques in Cloud Environments
Container escapes are a notable security risk for organizations, because they can be a critical step of an attack chain that can allow malicious threat actors access. We previously published one such attack chain in an article about a runC vulnerability. In it, we discuss how attackers could exploit CVE-2019-5736 to gain root-level code execution and break out of a Docker container. Since then, organizations have increasingly published similar vulnerabilities that attackers could use to escape containers.
PINEAPPLE and FLUXROOT Hacker Groups Abuse Google Cloud for Credential Phishing
A Latin America (LATAM)-based financially motivated actor codenamed FLUXROOT has been observed leveraging Google Cloud serverless projects to orchestrate credential phishing activity, highlighting the abuse of the cloud computing model for malicious purposes.
Mexico’s Largest ERP Provider ClickBalance Exposes 769 Million Records
Cybersecurity researcher Jeremiah Fowler discovered a cloud database containing 769 million records belonging to ClickBalance, a software provider offering cloud-based business services. The database was left exposed without any password or security authentication, making the data trivially accessible to malicious threat actors.
Worth Knowing
Cloud security threats CISOs need to know about
In this Help Net Security interview, Ava Chawla, Head of Cloud Security at AlgoSec, discusses the most significant cloud security threats CISOs must be aware of in 2024. These threats include data breaches, misconfiguration, insider threats, advanced persistent threats, ransomware, API vulnerabilities, and supply chain vulnerabilities.
HHS audit finds serious gaps in cloud security at agency office
A cybersecurity audit of the Department of Health and Human Services’ Office of the Secretary (HHS OS) revealed several serious gaps in the office’s cloud security practices, giving potential cyber attackers access to sensitive data and unauthorized control.
Cloud Security Alliance Introduces Certificate of Cloud Security Knowledge
The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, today demonstrated its commitment to improving its best-in-class, vendor-neutral cloud security training with the release of the Certificate of Cloud Security Knowledge (CCSK) v5, furnishing cloud stakeholders with the skills they need to optimize the protection of critical assets in the cloud and increase their value to their employers and the market. Offering substantial updates to CCSK v4, the latest iteration provides a detailed understanding of modern cloud components and state-of-the-art security best practices.