The cloud services you rely on are no longer as secure as they used to be. Once seemingly a safe haven for data and applications, attackers are increasingly leveraging cloud services for command and control—and the Symantec Threat Hunter Team predicts an unnerving upshoot in 2025.
The Microsoft breach by Russian nation-state actors is one instance of many that show how even widely trusted cloud service providers (CSPs) can fall victim to targeted attacks. The implications of this rising trend are great, both for CSPs and for the SaaS systems and apps they host. Recent breaches, like those impacting Ticketmaster and Santander, underscore the fact that organizations are exposed to cascading risks in digital supply chains.
Read more…
Source: Symantec
Related:
- Navigating the Cloud: Exploring Lateral Movement Techniques
February 28, 2024
In this post, Unit 42 researchers reseat examine lateral movement techniques, showcasing some that they have observed in the wild within cloud environments. Lateral movement can be achieved by leveraging both cloud APIs and access to compute instances, with access at the cloud level potentially extending to the latter. We explore cloud lateral movement techniques in ...
- Cyber Security & Cloud Congress North America Unveils Esteemed Speaker Lineup
February 26, 2024
The Cyber Security & Cloud Congress North America has revealed the newest additions to its speakers’ line up for its forthcoming conference, slated to be held at the Santa Clara Convention Center on June 5-6, 2024. Among the notable speakers set to take the stage are: Alissa “Dr Jay” Abdullah, Deputy Chief Security Officer – Mastercard Benjamin Benhan, ...
- BMW security lapse exposed sensitive company information, researcher finds
February 14, 2024
A misconfigured cloud storage server belonging to automotive giant BMW exposed sensitive company information, including private keys and internal data, TechCrunch has learned. Can Yoleri, a security researcher at threat intelligence company SOCRadar, told TechCrunch that he discovered the exposed BMW cloud storage server while routinely scanning the internet. Read more… Source: TechCrunch
- US military notifies 20,000 of data breach after cloud email leak
February 14, 2024
The U.S. Department of Defense is notifying tens of thousands of individuals that their personal information was exposed in an email data spill last year. According to the breach notification letter sent out to affected individuals on February 1, the Defense Intelligence Agency — the DOD’s military intelligence agency — said, “numerous email messages were inadvertently ...
- Community Alert: Ongoing Malicious Campaign Impacting Azure Cloud Environments
February 12, 2024
Over the past weeks, Proofpoint researchers have been monitoring an ongoing cloud account takeover campaign impacting dozens of Microsoft Azure environments and compromising hundreds of user accounts, including senior executives. This post serves as a community warning regarding the attack and offers suggestions that affected organizations can implement to protect themselves from it. Proofpoint researchers detected ...
- Cyber Security & Cloud Congress 2024: Uniting 7,000 Experts at the Global Hub of Innovation and Insight
January 22, 2024
Santa Clara, CA — 17.01.2024 Cyber Security & Cloud Congress 2024, is an esteemed assembly of more than 7,000 professionals in the Cyber Security & Cloud field. The event is scheduled to occur on June 5-6, 2024, at the Santa Clara Convention Center. Envisioned as one of the most extensive conferences and exhibitions of its category ...