all InfoSec news
SCARLETEEL: Operation leveraging Terraform, Kubernetes, and AWS for data theft
Malware Analysis, News and Indicators - Latest topics malware.news
The Sysdig Threat Research Team recently discovered a sophisticated cloud operation in a customer environment, dubbed SCARLETEEL, that resulted in stolen proprietary data. The attacker exploited a containerized workload and then leveraged it to perform privilege escalation into an AWS account in order to steal proprietary software and credentials. They also attempted to pivot using a Terraform state file to other connected AWS accounts to spread their reach throughout the organization.
This attack was more sophisticated than most, as it …
account accounts aws cloud credentials customer data data theft environment escalation exploited kubernetes order pivot privilege privilege escalation research scarleteel software state steal stolen sysdig team terraform theft threat threat research workload