Cloud Threat Landscape

Incidents
Actors
Techniques
Defenses
Periodic Table
Tools
Targeted Technologies
About
RSS
STIX
Back to wiz.io

Cloud Threat Landscape

Credential theft

Tags

ATT&CK Tactic

Credential Access (TA0006)

Incidents

SilentBob cryptomining campaign Qubitstrike Crypto Mining and Rootkit Campaign LAPSUS$ campaigns FBot toolkit targets cloud environments Commando Cat campaign From S3 bucket to Jenkins credential dump Affirmed Networks breach LLMjacking via Laravel exploitation Atlas Lion phishing campaign Smishing into Entra onto VMWare ransomware Scattered Spider SaaS targeting (2024)CRYSTALRAY: threat actors exploiting OSS tools Ransomware operators exploit ESXi vulnerability Scattered Spider Abuses Cloud Management Agent ShinyHunters Ransomware Targeting Cloud Environments Extortion Campaign Exploiting Exposed Environment Variable APT29 Targeting Zimbra and TeamCity Servers Earth Simnavaz (APT34) Targeting UAE and Gulf Regions UNC5820 exploiting FortiManager flaw BrowserStack Data Breach Dropbox Github breach Mozi Botnet Using AndroxGh0st Toolkit to Target Cloud Environments SharePoint Vulnerability Exploited in-the-Wild Earth Kasha’s Campaign Exploiting Fortinet Vulnerability Volkswagen data leak through Spring Boot Actuator misconfiguration Phishing campaign leading to Azure account takeover Storm-0501 attacking hybrid environments with ransomware

Last edited

May 20, 2024 6:49 AM

Status

Stub

Defenses

Access Control List (ACL)Role-Based Access Control (RBAC)Single Sign-On (SSO)Key Management System (KMS)

Made with 💙 by Wiz

Last Updated: June 25, 2024