Intelligent CIO Middle East Issue 106 | Page 71

INTELLIGENT BRANDS // Enterprise Security

Tenable discovers vulnerability in Google Cloud involving Cloud Function, Cloud Build, CD pipeline service

Tenable disclosed that its Tenable Cloud Research Team has discovered a vulnerability in Google Cloud Platform involving its Cloud Function serverless compute service and its Cloud Build CI/CD pipeline service. Google Cloud Platform has remediated ConfusedFunction for future Cloud Build accounts; however, existing Cloud Build instances remain at risk, with immediate evasive action required.

Cloud Functions in Google Cloud Platform are event-triggered, serverless functions. They automatically scale and execute code in response to specific events like HTTP requests or data changes. When a Google Cloud Platform user creates or updates a Cloud Function, a multi-step backend process is triggered.
This process, among other things, attaches a default Cloud Build service account to the Cloud Build instance that is created as part of the function’s deployment. This default Cloud Build service account gives the user excessive permissions. This process happens in the background and is not something that ordinary users would be aware of.
An attacker who gains access to create or update a Cloud Function can take advantage of the function’s deployment process to escalate privileges to the default Cloud Build service account and other Google Cloud Platform services including Cloud Storage, and Artifact Registry or Container Registry.
By exploiting the deployment flow and the flawed trust between services, an attacker could run code as the default Cloud Build service account.
“The ConfusedFunction vulnerability highlights the problematic scenarios that may arise due to software complexity and interservice communication in a cloud provider’s services,” explains Liv Matan, Senior Research Engineer, Tenable.
To support backward compatibility, Google Cloud Platform has not changed the privileges from Cloud Build service accounts created before the fix was implemented. This means that the vulnerability is still affecting existing instances and we highly recommend customers take immediate action. Google Cloud Platform confirmed it had remediated ConfusedFunction, to some extent, for Cloud Build accounts created after February 14, 2024.

GenAI is greater security threat than an opportunity, finds Tenable

Tenable published a new study revealing that 68% of organisations plan to harness generative AI (GenAI) within the next 12 months to enhance security measures and align IT objectives with broader business goals. Despite this surge in adoption, the study also reveals a worrying trend, as only 17% of organisations demonstrate high confidence in effectively implementing GenAI technologies.
An aspect of concern highlighted by the study is the perception of GenAI as a greater security threat than an opportunity among 41% of organisations. This sentiment reflects widespread apprehension regarding cybersecurity risks associated with GenAI implementation. Additionally, internal misuse of GenAI emerges as a prominent concern, with 50% of respondents expressing worry about potential misuse within their organisations.
The study emphasises the importance of data quality and integrity in the success of GenAI initiatives. A resounding 74% of respondents stress that GenAI's effectiveness heavily depends on the quality of data utilised by organisations.
“While GenAI offers immense benefits, there are also serious concerns surrounding security, governance, and data quality,” says David Cummins, Senior VP of EMEA at Tenable.