CyberRatings.org Announces Test Results for Cloud Service Provider Native Firewalls

November 26, 2024 at 11:31AM CyberRatings.org has completed a “Mini-Test” of native firewalls from AWS, Azure, and GCP, assessing their security effectiveness against 522 exploits. Results showed protection effectiveness ranging from 0.38% to 50.57%. The findings raise concerns about reliance on CSP firewalls, urging customers to consider third-party solutions. A second, more rigorous test is … Read more

Dependency Confusion Could Have Led to RCE in Google Cloud Platform

September 17, 2024 at 09:15AM Tenable revealed details of the CloudImposer attack method, which could have led to remote code execution on Google Cloud Platform (GCP). The attack exploited a Python argument to carry out a dependency confusion attack. After reporting the vulnerability, Google promptly patched the RCE bug and updated its documentation to mitigate … Read more