Google fixes Cloud Composer privilege escalation vulnerability – Go Health Pro

Google fixes Cloud Composer privilege escalation vulnerability – Go Health Pro

Google fixed a vulnerability in Cloud Composer 2 that could have led to privilege escalation through exploitation of the default Cloud Build service account, Tenable researchers reported Tuesday.Cloud Composer is an Apache Airflow-based fully managed workflow orchestration service within the Google Cloud Platform that can be used to create, schedule and monitor data pipelines.Cloud Composer … Read more

GUEST ESSAY: How AI co-pilots boost the risk of data leakage — making ‘least privilege’ a must – Go Health Pro

GUEST ESSAY: How AI co-pilots boost the risk of data leakage — making ‘least privilege’ a must – Go Health Pro

By Jim Alcove The rise of AI co-pilots is exposing a critical security gap: sensitive data sprawl and excessive access permissions. Related: Weaponizing Microsoft’s co-pilot Until now, lackluster enterprise search capabilities kept many security risks in check—employees simply couldn’t find much of the data they were authorized to access. But Microsoft Copilot changes the game, … Read more

Researchers Warn of Privilege Escalation Risks in Google’s Vertex AI ML Platform – Go Health Pro

Researchers Warn of Privilege Escalation Risks in Google’s Vertex AI ML Platform – Go Health Pro

Nov 15, 2024Ravie LakshmananArtificial Intelligence / Vulnerability Cybersecurity researchers have disclosed two security flaws in Google’s Vertex machine learning (ML) platform that, if successfully exploited, could allow malicious actors to escalate privileges and exfiltrate models from the cloud. “By exploiting custom job permissions, we were able to escalate our privileges and gain unauthorized access to … Read more