Login

Recent searches

No recent searches

Search options

Only available when logged in.
mastodon.online is one of the many independent Mastodon servers you can use to participate in the fediverse.
A newer server operated by the Mastodon gGmbH non-profit

Administered by:

Server stats:

10K
active users

mastodon.online: AboutStatusProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.4.0-nightly.2025-04-15

#gcpfail

0 posts0 participants0 posts today
Public
0x40k

Cloud security? Yeah, about those assumptions... 🙄

Just caught wind of that Google Cloud Run vulnerability, "ImageRunner". Honestly, it's pretty wild how straightforward privilege escalation can sometimes be. You know how clients often think, "Oh, it's the cloud, it must be secure!"? Well, the reality on the ground can paint a very different picture.

Here's the deal: IAM permissions are absolute gold! 🔐 Attackers are out there trying to snatch container images so they can inject malicious code. Speaking as pentesters, we unfortunately come across scenarios like this far too often.

Sure, automated scans are a decent starting point, no doubt. But let's be real, a thorough pentest usually uncovers much more hidden stuff.

So, spill the tea! What cloud security nightmares have kept *you* up at night? 🤔 And on the flip side, what best practices have genuinely been lifesavers for you? Let's hear it!

#CloudSec#Pentesting#GCPfail
ExploreLive feeds
About