Cloud Threat Landscape

Incidents
Actors
Techniques
Defenses
Periodic Table
Tools
Targeted Technologies
About
RSS
STIX
Back to wiz.io

Cloud Threat Landscape

DangerDev SES abuse incident

Type

Incident

Actors

Pub. date

January 31, 2024

Initial access

Exposed secret

Impact

Resource hijacking

Observed techniques

Cloud API enumeration Create new cloud user Create or modify firewall or security group rules Launch new cloud resources Evasive username patterns Domain registration abuse SES abuse for spam or phishing Attach administrative role to account Share compromised resources to an external account Policy simulation Modify existing IAM user or role Cloud compute cryptojacking

Targeted technologies

References

https://www.invictus-ir.com/news/the-curious-case-of-dangerdev-protonmail-mehttps://twitter.com/frichette_n/status/1752751624315933020

Status

Stub

Last edited

Jun 2, 2024 8:02 AM

Made with 💙 by Wiz

Last Updated: June 25, 2024