New DarkCloud Campaign Leverages Spam Emails

24-May-23

It has been discovered that the Google Cloud Platform’s (GCP) Cloud SQL service has a new security hole that might potentially be used to access private data. In addition to getting access to client data, the flaw may have allowed a bad actor to advance from a basic Cloud SQL user to a full-fledged sysadmin on a container, according to Israeli cloud security firm Dig.

A fully-managed option for creating MySQL, PostgreSQL, and SQL Server databases for cloud-based applications is called Cloud SQL. In a word, the multi-stage attack chain discovered by Dig took use of a hole in SQL Server’s security layer on the cloud platform to elevate a user’s credentials to an administrator role.

Read More…