The cloud services you rely on are no longer as secure as they used to be. Once seemingly a safe haven for data and applications, attackers are increasingly leveraging cloud services for command and control—and the Symantec Threat Hunter Team predicts an unnerving upshoot in 2025.
The Microsoft breach by Russian nation-state actors is one instance of many that show how even widely trusted cloud service providers (CSPs) can fall victim to targeted attacks. The implications of this rising trend are great, both for CSPs and for the SaaS systems and apps they host. Recent breaches, like those impacting Ticketmaster and Santander, underscore the fact that organizations are exposed to cascading risks in digital supply chains.
Read more…
Source: Symantec
Related:
- Storm-0501: Ransomware attacks expanding to hybrid cloud environments
September 26, 2024
Microsoft has observed the threat actor tracked as Storm-0501 launching a multi-staged attack where they compromised hybrid cloud environments and performed lateral movement from on-premises to cloud environment, leading to data exfiltration, credential theft, tampering, persistent backdoor access, and ransomware deployment. The said attack targeted multiple sectors in the United States, including government, manufacturing, transportation, and ...
- AT&T to pay $13 million to settle FCC probe over cloud data breach
September 17, 2024
AT&T has agreed to pay $13 million to settle a federal investigation into whether the mobile phone service provider failed to protect customer information in connection with a data breach last year, the Federal Communications Commission said Tuesday. The FCC’s probe focused on how AT&T’s privacy, cybersecurity and vendor management practices may have played a role ...
- Fortinet confirms data breach after allegedly refusing to pay ransom
September 13, 2024
In an announcement posted on Fortinet’s website, the company said that someone gained access to a “limited number of files” stored on its instance of an unnamed third-party cloud-based shared file drive. The files included “limited data related to a small number of Fortinet customers,” the announcement added, stating that this affects less than 0.3% of ...
- Join the Cyber Security & Cloud Expo Europe on 1-2 October 2024
August 30, 2024
Amsterdam, Netherlands – 1-2 October 2024 – The Cyber Security & Cloud Expo Europe 2024 is poised to be a must-attend event, bringing together top-tier experts and innovators in cybersecurity and cloud computing. Set at the RAI Amsterdam, this year’s expo promises to deliver cutting-edge insights, transformative presentations, and invaluable networking opportunities for professionals dedicated ...
- Cloud Cover: How Malicious Actors Are Leveraging Cloud Services
August 7, 2024
The number of threat actors leveraging legitimate cloud services in their attacks has grown this year as attackers have begun to realize their potential to provide low-key and low-cost infrastructure. Traffic to and from well known, trusted services such as Microsoft OneDrive or Google Drive may be less likely to raise red flags than communications with ...
- LianSpy: new Android spyware targeting Russian users
August 5, 2024
In March 2024, Kaspersky researchers discovered a campaign targeting individuals in Russia with previously unseen Android spyware they dubbed LianSpy. Kaspersky analysis indicates that the malware has been active since July 2021. This threat is equipped to capture screencasts, exfiltrate user files, and harvest call logs and app lists. The malicious actor behind LianSpy employs multiple ...