{"id":52894,"date":"2023-07-24T04:08:27","date_gmt":"2023-07-24T04:08:27","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/google-half-patches-cloud-build-permissions-exploit-the-rest-is-on-you\/"},"modified":"2023-07-24T04:08:27","modified_gmt":"2023-07-24T04:08:27","slug":"google-half-patches-cloud-build-permissions-exploit-the-rest-is-on-you","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/google-half-patches-cloud-build-permissions-exploit-the-rest-is-on-you\/","title":{"rendered":"Google half-patches Cloud Build permissions exploit, the rest is on you"},"content":{"rendered":"<p><span class=\"label\">Infosec in brief<\/span> A security weakness in Google Cloud Build could have allowed attackers to tamper with organizations&#8217; code repositories and application images, according to Orca Security researchers.<\/p>\n<p>The firm&#8217;s Research Pod today published details about a &#8220;critical&#8221; flaw, and warned that it could have been exploited to achieve a supply-chain attack along the lines of SolarWinds \u2013 or, more recently, MOVEit \u2013 with &#8220;far reaching consequences.&#8221;<\/p>\n<p>After word of the vulnerability reached the Chocolate Factory, Google deployed a fix \u2013 though it doesn&#8217;t fully address the issue, according to Orca researcher Roi Nisimi.&nbsp;<\/p>\n<p>&#8220;It only limits it \u2013 turning it into a design flaw that still leaves organizations vulnerable to the larger supply chain risk,&#8221; Nisimi said.
&#8220;It requires security teams to put further measures in place to protect against this risk.&#8221;<\/p>\n<p>The issue, as Google describes it, is more about poorly defined permissions.<\/p>\n<p>Cloud Build, as an automation service, uses service accounts to authenticate requests made during a build.&nbsp;<\/p>\n<p>As Orca researchers discovered, if someone enables the Cloud Build API in a project, the product automatically creates a default service account to execute builds.
Up until June, this contained a flaw that gave builds access to the private audit logs showing a complete list of all permissions on the project.<\/p>\n<p>When asked about Orca&#8217;s claim that this only provided a partial fix, a Google spokesperson gave <em>The Register<\/em> little in the way of explanation \u2013 saying only that its vulnerability rewards program exists to find those sorts of issues, and that it appreciates Orca&#8217;s help.&nbsp;<\/p>\n<p>But will Goog deploy a further fix for the bug?<\/p>\n<p>&#8220;We appreciate the work of the researchers and have incorporated a fix based on their report as outlined in a security bulletin issued in early June,&#8221; Google told us.
We&#8217;ll take that as a no.<\/p>\n<p>In the meantime, it&#8217;s on you, IT leaders.<\/p>\n<p>&#8220;It&#8217;s \u2026 important that organizations pay close attention to the behavior of the default Google Cloud Build service account,&#8221; Nisimi said, adding that applying the <a href=\"https:\/\/cloud.google.com\/iam\/docs\/using-iam-securely#least_privilege\" rel=\"nofollow\">principle of least privilege<\/a> is vital to reducing an organization&#8217;s risk.&nbsp;<\/p>\n<div class=\"boxout\" readability=\"29.912702305051\">\n<h3 class=\"crosshead\">Critical vulnerabilities of the week<\/h3>\n<p>Adobe leads the critical vulnerability pack this week with a series of security stumbles.&nbsp;<\/p>\n<p>With the <a href=\"https:\/\/www.rapid7.com\/blog\/post\/2023\/07\/17\/etr-active-exploitation-of-multiple-adobe-coldfusion-vulnerabilities\/\" rel=\"nofollow\">assistance<\/a> of Rapid7 security researchers, Adobe determined it issued an incomplete fix for an access control bypass in ColdFusion that, when chained with a subsequent vulnerability, led to active exploitation.&nbsp;<\/p>\n<p>It breaks down like this: Researchers from Project Discovery published an exploit for what Rapid7 said PD likely thought was a deserialization-of-untrusted-data vulnerability in ColdFusion <a href=\"https:\/\/helpx.adobe.com\/security\/products\/coldfusion\/apsb23-40.html\" rel=\"nofollow\">patched<\/a> by Adobe on July 11. PD actually found a new vulnerability necessitating another <a href=\"https:\/\/helpx.adobe.com\/security\/products\/coldfusion\/apsb23-41.html\" rel=\"nofollow\">patch<\/a> on July 14.&nbsp;<\/p>\n<p>Unfortunately, the patch deployed on July 11 was incomplete and allowed it to be chained with the exploit patched on July 14, so a <a href=\"https:\/\/helpx.adobe.com\/security\/products\/coldfusion\/apsb23-47.html\" rel=\"nofollow\">third patch<\/a> has been issued.
Best to update now.&nbsp;<\/p>\n<p>Other serious vulns reported this week:&nbsp;<\/p>\n<ul>\n<li>CVSS 10.0 \u2013 <a href=\"https:\/\/www.cisa.gov\/news-events\/ics-advisories\/icsa-23-199-03\" rel=\"nofollow\">Multiple CVEs<\/a>: Iagona&#8217;s ScrutisWeb software, used for monitoring fleets of ATMs, contains multiple vulnerabilities that could allow an attacker to upload and execute arbitrary files.&nbsp;<\/li>\n<li>CVSS 9.8 \u2013 <a href=\"https:\/\/www.cisa.gov\/news-events\/ics-advisories\/icsa-23-199-05\" rel=\"nofollow\">CVE-2023-3638<\/a>: The GV-ADR2701 model of GeoVision security cameras has an issue on the login page that an attacker could exploit by editing the login response to gain access to the camera&#8217;s web app.<\/li>\n<li>CVSS 8.1 \u2013 <a href=\"https:\/\/www.cisa.gov\/news-events\/ics-advisories\/icsa-23-199-07\" rel=\"nofollow\">Multiple CVEs<\/a>: KingHistorian time-series databases made by WellinTech contain a pair of vulnerabilities that an attacker could use to send malicious data and disclose sensitive info.<\/li>\n<\/ul>\n<p>Also, both <a href=\"https:\/\/www.oracle.com\/security-alerts\/cpujul2023.html#AppendixUTIL\" rel=\"nofollow\">Oracle<\/a> and <a href=\"https:\/\/confluence.atlassian.com\/security\/security-bulletin-july-18-2023-1251417643.html\" rel=\"nofollow\">Atlassian<\/a> released monthly patches this week to address several critical issues.<\/p>\n<p>Just a pair of new known exploited vulnerabilities this week, but they&#8217;re quite high profile:<\/p>\n<ul>\n<li>CVSS 9.8 \u2013 <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-3519\" rel=\"nofollow\">CVE-2023-3519<\/a>: Attackers are <a href=\"https:\/\/www.cisa.gov\/news-events\/cybersecurity-advisories\/aa23-201a\" rel=\"nofollow\">actively exploiting<\/a> a remote code execution vulnerability in Citrix Gateway and ADC identified by the company and patched on July 18.&nbsp;<\/li>\n<li>CVSS 8.8 \u2013 <a 
href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-36884\" rel=\"nofollow\">CVE-2023-36884<\/a>: Microsoft said it&#8217;s investigating a series of RCE vulnerabilities in Office and Windows products that are under active exploit via malicious Office documents.<\/li>\n<\/ul>\n<\/div>\n<h3 class=\"crosshead\">Amazon agrees to pay $25 million to settle Alexa COPPA violations<\/h3>\n<p>The US Department of Justice <a href=\"https:\/\/www.justice.gov\/opa\/pr\/amazon-agrees-injunctive-relief-and-25-million-civil-penalty-alleged-violations-childrens\" rel=\"nofollow\">said<\/a> this week that it had reached an agreement with Amazon regarding its alleged violations of the Children&#8217;s Online Privacy Protection Act (COPPA).&nbsp;<\/p>\n<p>The settlement stems from charges that Amazon had a policy of retaining voice recordings of those under the age of 13 indefinitely by default \u2013 which violates COPPA rules \u2013 among other privacy violations.<\/p>\n<p>Amazon agreed to pay the DoJ $25 million, or 0.78 percent of its <a href=\"https:\/\/ir.aboutamazon.com\/news-release\/news-release-details\/2023\/Amazon.com-Announces-First-Quarter-Results\/\" rel=\"nofollow\">Q1 2023 profit<\/a>, to settle the issue without admitting or denying responsibility. Along with the pittance of a fine, Amazon has agreed to delete inactive child profiles, stop misrepresenting its Alexa recording retention policy and to report to the DoJ on its compliance with the orders for the next decade.&nbsp;<\/p>\n<p>The suit, which was <a href=\"https:\/\/www.ftc.gov\/news-events\/news\/press-releases\/2023\/05\/ftc-doj-charge-amazon-violating-childrens-privacy-law-keeping-kids-alexa-voice-recordings-forever\" rel=\"nofollow\">brought<\/a> in late May, extracted a bargain from Amazon as soon as it was filed. 
Writing on the same day the accusations came to light, Amazon <a href=\"https:\/\/www.aboutamazon.com\/news\/policy-news-views\/amazon-response-to-ftc-settlement-regarding-alexa\" rel=\"nofollow\">said<\/a> it disagreed with the FTC&#8217;s claims, but was still settling to put the matter behind it.<\/p>\n<p>&#8220;We will continue to invent more privacy features on behalf of our customers and ensure they are aware of the controls and options available to them,&#8221; Amazon said, as ordered.<\/p>\n<h3 class=\"crosshead\">Cyber security labels coming soon to US smart tech<\/h3>\n<p>The Biden administration announced <a href=\"https:\/\/www.whitehouse.gov\/briefing-room\/statements-releases\/2023\/07\/18\/biden-harris-administration-announces-cybersecurity-labeling-program-for-smart-devices-to-protect-american-consumers\/\" rel=\"nofollow\">plans<\/a> this week to introduce a US Cyber Trust Mark for smart devices \u2013 think <a href=\"https:\/\/www.energystar.gov\/\" rel=\"nofollow\">Energy Star<\/a>, but for internet-connected devices.<\/p>\n<p>Proposed by Federal Communications Commission chairwoman Jessica Rosenworcel, the Cyber Trust Mark could begin appearing on smart fridges, microwaves, TVs, climate control systems, fitness trackers and other devices as soon as next year.&nbsp;<\/p>\n<p>&#8220;This new labeling program would help provide Americans with greater assurances about the cyber security of the products they use and rely on in their everyday lives,&#8221; the White House said in a statement. &#8220;It would also be beneficial for businesses, as it would help differentiate trustworthy products in the marketplace.&#8221;<\/p>\n<p>The actual plan for implementing the Cyber Trust Mark is forthcoming, with the FCC still to introduce proposed rules for public comment.&nbsp;<\/p>\n<p>What a device will need to do in order to qualify is also still to be defined.
The Biden administration said the voluntary program would be based on cyber security criteria from the National Institute of Standards and Technology and may include &#8220;unique and strong default passwords, data protection, software updates, and incident detection capabilities.&#8221; \u00ae<\/p>\n<p> READ MORE <a href=\"https:\/\/go.theregister.com\/feed\/www.theregister.com\/2023\/07\/24\/infosec_in_brief\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>ALSO: Amazon&#8217;s child-sized COPPA fine, smart tech security labels coming to the US, and this week&#8217;s critical vulns Infosec in brief\u00a0 A security weakness in Google Cloud Build could have allowed attackers to tamper with organizations&#8217; code repositories and application images, according to Orca Security researchers.\u2026 READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-52894","post","type-post","status-publish","format-standard","hentry","category-the-register"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Google half-patches Cloud Build permissions exploit, the rest is on you 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 
100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/google-half-patches-cloud-build-permissions-exploit-the-rest-is-on-you\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Google half-patches Cloud Build permissions exploit, the rest is on you 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/google-half-patches-cloud-build-permissions-exploit-the-rest-is-on-you\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2023-07-24T04:08:27+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZL5tFCxDPjC5OQTNmMk4gQAAAFg&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. 
reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/google-half-patches-cloud-build-permissions-exploit-the-rest-is-on-you\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/google-half-patches-cloud-build-permissions-exploit-the-rest-is-on-you\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Google half-patches Cloud Build permissions exploit, the rest is on you\",\"datePublished\":\"2023-07-24T04:08:27+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/google-half-patches-cloud-build-permissions-exploit-the-rest-is-on-you\\\/\"},\"wordCount\":1085,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/google-half-patches-cloud-build-permissions-exploit-the-rest-is-on-you\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZL5tFCxDPjC5OQTNmMk4gQAAAFg&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/google-half-patches-cloud-build-permissions-exploit-the-rest-is-on-you\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/google-half-patches-cloud-build-permissions-exploit-the-rest-is-on-you\\\/\",\"name\":\"Google half-patches Cloud Build permissions exploit, the rest is on you 2026 | ThreatsHub Cybersecurity 
News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/google-half-patches-cloud-build-permissions-exploit-the-rest-is-on-you\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/google-half-patches-cloud-build-permissions-exploit-the-rest-is-on-you\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZL5tFCxDPjC5OQTNmMk4gQAAAFg&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"datePublished\":\"2023-07-24T04:08:27+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/google-half-patches-cloud-build-permissions-exploit-the-rest-is-on-you\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/google-half-patches-cloud-build-permissions-exploit-the-rest-is-on-you\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/google-half-patches-cloud-build-permissions-exploit-the-rest-is-on-you\\\/#primaryimage\",\"url\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZL5tFCxDPjC5OQTNmMk4gQAAAFg&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"contentUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x
601&amp;tile=2&amp;c=2ZL5tFCxDPjC5OQTNmMk4gQAAAFg&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/google-half-patches-cloud-build-permissions-exploit-the-rest-is-on-you\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Google half-patches Cloud Build permissions exploit, the rest is on you\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence 
Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. 
-->","_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/52894","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=52894"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/52894\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=52894"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=52894"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=52894"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}