IT Pro reports that Google's Mandiant has issued a warning regarding exposed serverless cloud functions, which can provide attackers with access to sensitive information and broader cloud environments. The cybersecurity firm is urging organizations to implement enhanced security measures to mitigate these risks.Mandiant has observed an increase in public-facing serverless applications lacking authentication, often due to business needs. The rapid adoption of generative AI, including chatbots and image generation, is a significant factor, as these workflows rely on serverless functions. Attackers exploit vulnerabilities like local and remote file inclusion, and command injection to gain entry. Once inside, they attempt to escalate privileges by extracting secrets from application code, analyzing logic for further attack vectors, or exfiltrating service account bearer tokens via remote code execution. These compromised credentials allow threat actors to move laterally to adjacent systems, potentially leading to a complete environment takeover.Mandiant recommends integrating security scanning, code reviews, and least-privilege identity and access management into CI/CD pipelines before deployment. They also advise isolating AI experimentation in sandboxes, restricting development environments, and ensuring AI-generated software adheres to Secure Software Development Lifecycle controls. For runtime, hosting public-facing Cloud Run services in isolated projects and restricting ingress traffic are crucial. Mandiant emphasizes that hardening serverless functions is only one part of a secure architecture, and a defense-in-depth strategy is critical to prevent lateral movement and data exfiltration.Source: IT Pro
Cloud Security
Google Mandiant warns of exposed serverless functions as attack vector

(Adobe Stock)
An In-Depth Guide to Cloud Security
Get essential knowledge and practical strategies to fortify your cloud security.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



