During the development of our XDR sensor for Google Workspace and Google Cloud Platform, we uncovered previously unknown attack methods for escalating a compromise from a single endpoint to a network-wide breach, potentially leading to ransomware attacks or data exfiltration.
Starting from a single compromised machine, threat actors could progress in several ways: they could move to other cloned machines with GCPW installed, gain access to the cloud platform with custom permissions, or decrypt locally stored passwords to continue their attack beyond the Google ecosystem.
We will be joined by the security researcher who originally discovered these novel attack pathways to discuss:
|
|
Martin Zugec
Technical Solutions Director
Bitdefender
|
Radu Tudorica
Security Researcher
Bitdefender
|