all InfoSec news
Cloudy With a Chance of Credentials | AWS-Targeting Cred Stealer Expands to Azure, GCP
July 13, 2023, 1:01 p.m. | MalBot
Malware Analysis, News and Indicators - Latest topics malware.news
By Alex Delamotte, with Ian Ahl (Permiso) and Daniel Bohannon (Permiso)
Executive Summary
- Throughout June 2023, an actor behind a cloud credentials stealing campaign has expanded their tooling to target Azure and Google Cloud Platform (GCP) services. Previously, this actor focused exclusively on Amazon Web Services (AWS) credentials.
- Cloud service credentials are increasingly targeted as actors find more ways to profit from compromising such services. This actor targeted exposed Docker instances to deploy a worm-like propagation module.
- These campaigns share …
actor alex amazon amazon web services aws azure campaign cloud cloud platform credentials daniel executive gcp google google cloud google cloud platform ian june june 2023 malware analysis permiso platform services stealer stealing target targeting tooling web web services
More from malware.news / Malware Analysis, News and Indicators - Latest topics
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Threat Analysis Engineer
@ Gen | IND - Tamil Nadu, Chennai
Head of Security
@ Hippocratic AI | Palo Alto
IT Security Vulnerability Management Specialist (15.10)
@ OCT Consulting, LLC | Washington, District of Columbia, United States
Security Engineer - Netskope/Proofpoint
@ Sainsbury's | Coventry, West Midlands, United Kingdom
Journeyman Cybersecurity Analyst
@ ISYS Technologies | Kirtland AFB, NM, United States