Israeli cloud security firm Dig has recently disclosed a new security flaw in Google Cloud Platform's (GCP) Cloud SQL service that allows an attacker to gain access to confidential information. Cloud SQL is a fully managed relational database service used to build SQL Server, PostgreSQL, and MySQL databases for cloud-based applications. By leveraging this flaw, malicious actors could escalate their privileges from a standard Cloud SQL user to a sysadmin on a container, thereby acquiring secrets, passwords, and sensitive files, alongside customer data.

The multi-stage attack chain exploits the vulnerability in the security layer related to SQL Server, which allows the attacker to escalate their user privileges to an administrator role. With those elevated permissions, the attacker could exploit another critical misconfiguration, ultimately gaining system administrator rights and complete control over the database server. Further, the attackers would be able to infiltrate the underlying operating system and gain access to all hosted, perform file enumeration and password extraction, which in turn can serve as a starting point for launching subsequent attacks. The consequences of such a breach are significant, as it exposes sensitive data belonging to both the cloud provider and its customers.