The cloud services you rely on are no longer as secure as they used to be. Once seemingly a safe haven for data and applications, attackers are increasingly leveraging cloud services for command and control—and the Symantec Threat Hunter Team predicts an unnerving upshoot in 2025.
The Microsoft breach by Russian nation-state actors is one instance of many that show how even widely trusted cloud service providers (CSPs) can fall victim to targeted attacks. The implications of this rising trend are great, both for CSPs and for the SaaS systems and apps they host. Recent breaches, like those impacting Ticketmaster and Santander, underscore the fact that organizations are exposed to cascading risks in digital supply chains.
Read more…
Source: Symantec
Related:
- AWS says more than 600 FortiGate firewalls hit in AI-augmented campaign
February 23, 2026
Cybercriminals armed with off-the-shelf generative AI tools compromised more than 600 internet-exposed FortiGate firewalls across 55 countries in just over a month, according to a new incident report from AWS. The campaign, which ran from mid-January to mid-February, relied less on clever zero-days and more on the equivalent of trying every digital door handle – just ...
- Data leak at Abu Dhabi finance summit exposes global figures
February 18, 2026
Former British prime minister David Cameron and hedge fund billionaire Alan Howard were among the hundreds whose passports and other identification papers were leaked online after they attended an Abu Dhabi conference, the Financial Times reported on Feb 17. The FT, citing documents, said scans of more than 700 passports and state identity cards were discovered ...
- EU Parliament blocks AI tools over cyber, privacy fears
February 16, 2026
he European Parliament has disabled AI features on the work devices of lawmakers and their staff over cybersecurity and data protection concerns, according to an internal email seen by POLITICO. The chamber emailed its members on Monday to say it had disabled “built-in artificial intelligence features” on corporate tablets after its IT department assessed it couldn’t ...
- Novel Technique to Detect Cloud Threat Actor Operations
February 6, 2026
Cloud-based alerting systems often struggle to distinguish between normal cloud activity and targeted malicious operations by known threat actors. The difficulty doesn’t lie in an inability to identify complex alerting operations across thousands of cloud resources or in a failure to follow identity resources, the problem lies in the accurate detection of known persistent threat actor ...
- Airbus to migrate critical apps to a sovereign Euro cloud
December 19, 2025
Airbus is preparing to tender a major contract to migrate mission-critical workloads to a digitally sovereign European cloud – but estimates only an 80/20 chance of finding a suitable provider. The aerospace manufacturer, which has already consolidated its datacenter estate and uses services like Google Workspace, now wants to move key on-premises applications including ERP, manufacturing ...
- Amazon security boss blames Russia’s GRU for years-long energy-sector hacks
December 15, 2025
Russia’s Main Intelligence Directorate (GRU) is behind a years-long campaign targeting energy, telecommunications, and tech providers, stealing credentials and compromising misconfigured devices hosted on AWS to give the Kremlin’s snoops persistent access to sensitive networks, according to Amazon’s security boss. “The campaign demonstrates sustained focus on Western critical infrastructure, particularly the energy sector, with operations spanning ...