Cloud-based alerting systems often struggle to distinguish between normal cloud activity and targeted malicious operations by known threat actors.
The difficulty doesn’t lie in an inability to identify complex alerting operations across thousands of cloud resources or in a failure to follow identity resources, the problem lies in the accurate detection of known persistent threat actor group techniques specifically within cloud environments.
Read more…
Source: Palo Alto Unit 42
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- More than 12,000 servers supported a coordinated phishing infrastructure worldwide
June 11, 2026
When a suspicious email lands in your inbox promising financial rewards or urgent payment requests, the infrastructure behind that email is rarely what it appears to be. An investigation by Comparitech revealed a coordinated spam and phishing network spanning 12,704 servers in 55 countries. These phishing emails are tied to fake financial rewards and similar scams, using tactics designed ...
- App host Vercel says it was hacked and customer data stolen
April 20, 2026
Cloud app hosting giant Vercel this weekend said hackers had breached its internal systems and accessed customer data. Hackers have claimed they have stolen sensitive customer credentials from Vercel’s systems and are selling the data online. In a statement on Sunday, Vercel said the breach originated from another software maker, Context AI. One of Vercel’s employees ...
- AWS says more than 600 FortiGate firewalls hit in AI-augmented campaign
February 23, 2026
Cybercriminals armed with off-the-shelf generative AI tools compromised more than 600 internet-exposed FortiGate firewalls across 55 countries in just over a month, according to a new incident report from AWS. The campaign, which ran from mid-January to mid-February, relied less on clever zero-days and more on the equivalent of trying every digital door handle – just ...
- Data leak at Abu Dhabi finance summit exposes global figures
February 18, 2026
Former British prime minister David Cameron and hedge fund billionaire Alan Howard were among the hundreds whose passports and other identification papers were leaked online after they attended an Abu Dhabi conference, the Financial Times reported on Feb 17. The FT, citing documents, said scans of more than 700 passports and state identity cards were discovered ...
- EU Parliament blocks AI tools over cyber, privacy fears
February 16, 2026
he European Parliament has disabled AI features on the work devices of lawmakers and their staff over cybersecurity and data protection concerns, according to an internal email seen by POLITICO. The chamber emailed its members on Monday to say it had disabled “built-in artificial intelligence features” on corporate tablets after its IT department assessed it couldn’t ...
- Novel Technique to Detect Cloud Threat Actor Operations
February 6, 2026
Cloud-based alerting systems often struggle to distinguish between normal cloud activity and targeted malicious operations by known threat actors. The difficulty doesn’t lie in an inability to identify complex alerting operations across thousands of cloud resources or in a failure to follow identity resources, the problem lies in the accurate detection of known persistent threat actor ...