How to prevent lateral movement techniques on Google Cloud

Source

Cybercriminals often use lateral movement techniques when exploring a compromised network to slide sideways, from devices to applications, as they hunt for vulnerabilities, escalate access privileges, and seek to reach their ultimate target. Research published today by Palo Alto Networks highlights several techniques that exploit misconfigurations which could allow a malicious actor to move laterally in cloud environments. While these misconfiguration problems aren’t new, Palo Alto Networks’ research showcases real-world scenarios in which cybercriminals have abused cloud administration permissions to access unauthorized content across cloud providers, including AWS, Azure, and Google Cloud. In this post, we explain the misconfigurations that [...]