Exploiting Google Cloud Platform With Ease

Security engineer Dylan Ayrey and Cruise senior infrastructure security engineer Allison Donovan describe fundamental weaknesses in GCP identity management that enable privilege escalation and lateral movement.

Filmed for the
Dark Reading News Desk at Black Hat Virtual
. Excerpts below.
DYLAN AYREY: The [Google Cloud Platform] ActAs permission is a permission that can be used to attach an identity to a resource that you’ve provisioned. So it can be used by an attacker because if one identity that an attacker has control over can
itself
attach other identities to resources that the attacker would [then] have full control over, then they can use that to elevate their permissions. ...
ALLISON DONOVAN: There are a few different cool ways to mitigate these problems from the start to try to take a proactive approach to securing your [identity and access management] around your resources in GCP. One really cool mitigation that we were working with GCP on … providing platform-level configurations that enabled you to remove IAM permissions from some of the default identities that are created in GCP – specifically the Compute Engine service account and the App Engine service accounts.
Related content:
Why Confidential Computing is a Game-Changer
What a Security Engineer and Software Engineer Learned from Switching Roles
COVID-19 & Computings New Normal: A Dark Reading Special Report

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Exploiting Google Cloud Platform With Ease