Halaman ini diterjemahkan oleh Cloud Translation API.

Temuan ancaman Cloud Run

Security Command Center melakukan pemantauan runtime dan control plane resource Cloud Run. Untuk mengetahui respons yang direkomendasikan terhadap ancaman ini, lihat Merespons temuan ancaman Cloud Run.

Jenis temuan runtime

Deteksi runtime berikut tersedia dengan Deteksi Ancaman Cloud Run:

Command and Control: Steganography Tool Detected

Command and Control: Find Google Cloud Credentials

Credential Access: GPG Key Reconnaissance

Credential Access: Search Private Keys or Passwords

Defense Evasion: Base64 ELF File Command Line

Defense Evasion: Base64 Encoded Python Script Executed

Defense Evasion: Base64 Encoded Shell Script Executed

Defense Evasion: Launch Code Compiler Tool In Container

Execution: Added Malicious Binary Executed

Execution: Added Malicious Library Loaded

Execution: Built in Malicious Binary Executed

Execution: Container Escape

Execution: Fileless Execution in /memfd:

Execution: Kubernetes Attack Tool Execution

Execution: Local Reconnaissance Tool Execution

Execution: Malicious Python executed

Execution: Modified Malicious Binary Executed

Execution: Modified Malicious Library Loaded

Execution: Netcat Remote Code Execution in Container

Execution: Possible Arbitrary Command Execution through CUPS (CVE-2024-47177)

Execution: Possible Remote Command Execution Detected

Execution: Program Run with Disallowed HTTP Proxy Env

Execution: Socat Reverse Shell Detected

Execution: Suspicious OpenSSL Shared Object Loaded

Exfiltration: Launch Remote File Copy Tools in Container

Impact: Detect Malicious Cmdlines

Impact: Remove Bulk Data From Disk

Impact: Suspicious crypto mining activity using the Stratum Protocol

Malicious Script Executed

Malicious URL Observed

Privilege Escalation: Abuse of Sudo For Privilege Escalation (CVE-2019-14287)

Privilege Escalation: Fileless Execution in /dev/shm

Privilege Escalation: Polkit Local Privilege Escalation Vulnerability (CVE-2021-4034)

Privilege Escalation: Sudo Potential Privilege Escalation (CVE-2021-3156)

Reverse Shell

Unexpected Child Shell

Jenis temuan bidang kontrol

Deteksi bidang kontrol berikut tersedia dengan Event Threat Detection:

Execution: Cryptomining Docker Image

Impact: Cryptomining Commands

Privilege Escalation: Default Compute Engine Service Account SetIAMPolicy

Langkah berikutnya

Pelajari Deteksi Ancaman Cloud Run.
Pelajari Event Threat Detection.
Pelajari cara menanggapi temuan ancaman Cloud Run.
Lihat Indeks temuan ancaman.

Temuan ancaman Cloud Run Tetap teratur dengan koleksi Simpan dan kategorikan konten berdasarkan preferensi Anda.

Jenis temuan runtime

Jenis temuan bidang kontrol

Langkah berikutnya

Temuan ancaman Cloud Run