Questa pagina è stata tradotta dall'API Cloud Translation.

Risultati delle minacce Cloud Run

Security Command Center esegue il monitoraggio runtime e del control plane delle risorse Cloud Run. Per le risposte consigliate a queste minacce, vedi Rispondere ai risultati delle minacce di Cloud Run.

Tipi di risultati di runtime

Le seguenti rilevazioni di runtime sono disponibili con Cloud Run Threat Detection:

Command and Control: Steganography Tool Detected

Command and Control: Find Google Cloud Credentials

Credential Access: GPG Key Reconnaissance

Credential Access: Search Private Keys or Passwords

Defense Evasion: Base64 ELF File Command Line

Defense Evasion: Base64 Encoded Python Script Executed

Defense Evasion: Base64 Encoded Shell Script Executed

Defense Evasion: Launch Code Compiler Tool In Container

Execution: Added Malicious Binary Executed

Execution: Added Malicious Library Loaded

Execution: Built in Malicious Binary Executed

Execution: Container Escape

Execution: Fileless Execution in /memfd:

Execution: Kubernetes Attack Tool Execution

Execution: Local Reconnaissance Tool Execution

Execution: Malicious Python executed

Execution: Modified Malicious Binary Executed

Execution: Modified Malicious Library Loaded

Execution: Netcat Remote Code Execution in Container

Execution: Possible Arbitrary Command Execution through CUPS (CVE-2024-47177)

Execution: Possible Remote Command Execution Detected

Execution: Program Run with Disallowed HTTP Proxy Env

Execution: Socat Reverse Shell Detected

Execution: Suspicious OpenSSL Shared Object Loaded

Exfiltration: Launch Remote File Copy Tools in Container

Impact: Detect Malicious Cmdlines

Impact: Remove Bulk Data From Disk

Impact: Suspicious crypto mining activity using the Stratum Protocol

Malicious Script Executed

Malicious URL Observed

Privilege Escalation: Abuse of Sudo For Privilege Escalation (CVE-2019-14287)

Privilege Escalation: Fileless Execution in /dev/shm

Privilege Escalation: Polkit Local Privilege Escalation Vulnerability (CVE-2021-4034)

Privilege Escalation: Sudo Potential Privilege Escalation (CVE-2021-3156)

Reverse Shell

Unexpected Child Shell

Tipi di risultati del control plane

Con Event Threat Detection sono disponibili i seguenti rilevamenti del control plane:

Execution: Cryptomining Docker Image

Impact: Cryptomining Commands

Privilege Escalation: Default Compute Engine Service Account SetIAMPolicy

Passaggi successivi

Scopri di più su Cloud Run Threat Detection.
Scopri di più su Event Threat Detection.
Scopri come rispondere ai risultati delle minacce di Cloud Run.
Consulta l'indice dei risultati delle minacce.

Risultati delle minacce Cloud Run Mantieni tutto organizzato con le raccolte Salva e classifica i contenuti in base alle tue preferenze.

Tipi di risultati di runtime

Tipi di risultati del control plane

Passaggi successivi

Risultati delle minacce Cloud Run