Mandiant
Google Cloud has published its latest Threat Horizons Report, bringing decision-makers strategic intelligence on threats to cloud enterprise users.
key takeaways from the report include:
- Credentials factor into over half of incidents in Q1 2023
- In Q1 2023 our Cloud incident response teams observed that credential issues continue to be a consistent challenge accounting for over 60% of compromise factors, which could be addressed by stronger identity management guardrails in place at the organisation level.
- Misconfiguration accounted for 19% of compromise factors which were also associated with other compromise factors such as sensitive UI or APIs exposed which account.
- An example of how these two factors are associated could include a misconfigured firewall that unintentionally provided public access to a UI.
- Top risky actions that can lead to compromises: cross-project abuse of access token generation permission, replacement of existing compute disks/snapshots, service account key creation, and GCE project SSH keys.
- Mobile Apps Evading Cloud Enterprise Detection through Versioning
- Researchers have identified instances of Android applications
/Public Release. This material from the originating organization/author(s) might be of the point-in-time nature, and edited for clarity, style and length. Mirage.News does not take institutional positions or sides, and all views, positions, and conclusions expressed herein are solely those of the author(s).
