Cloud Threat Landscape

Incidents
Actors
Techniques
Defenses
Periodic Table
Tools
Targeted Technologies
About
RSS
STIX
Back to wiz.io

Cloud Threat Landscape

Vulnerability exploitation

Tags

Network

ATT&CK Tactic

Initial Access (TA0001)Privilege Escalation (TA0004)

Incidents

Apache server Cryptojacking with Cobalt Strike Prophet Spider campaign Andariel exploiting Apache ActiveMQ GoTitan ActiveMQ campaign LAPSUS$ campaigns P2PInfect campaign 8820 Gang targeting WebLogic Trigona targeting MSSQL servers RE#TURGENCE MSSQL Server RansomOp Mimic used by Trigona operators Lucifer Botnet targeting Hadoop C3Pool mining via Confluence vulnerability z0Miner targeting WebLogic servers Meson Network cryptojacking campaign ShadowSyndicate aiohttp exploitation UNC5174 ScreenConnect and F5 BIG-IP exploitation RUBYCARP: Botnet Exploiting Vulnerabilities for Crypto K8s targeted via OpenMetadata exploitation Kinsing campaigns (2020)Redigo campaign TargetCompany Abusing MSSQL Servers for Ransomware Kinsing targeting cloud servers RedTail Cryptomining campaign Muhstik campaign RedJuliett Exploiting VPN and Firewall Vulnerabilities 8220 Gang Exploiting WebLogic Vulnerabilities for Cryptojacking CRYSTALRAY: threat actors exploiting OSS tools Ransomware operators exploit ESXi vulnerability Dama webshell deployment via ThinkPHP exploitation RomCom exploiting Word vulnerability in campaign targeting government entities Microsoft Smartscreen Vulnerability Exploited by Water Hydra Windows SmartScreen vulnerability exploited by Mispadu trojan ArcaneDoor Campaign Targeting Cisco Adaptive Security Appliance 0day APT28 Targeting Print Spooler Vulnerability for GooseEgg Deployment RCE Vulnerability in PHP CGI Exploited by TellYouThePass Mirai Botnet Exploiting Apache OFBiz Vulnerability Godzilla Backdoor Exploiting Confluence Vulnerability DragonRank Targeting IIS Web Servers UNC1860 Attacks Targeting the Middle East Storm-0501 Targeting Hybrid Environments with Ransomware perfctl Malware Targeting Linux Veeam Vulnerability Exploited by Akira and Fog Ransomware APT29 Targeting Zimbra and TeamCity Servers Earth Simnavaz (APT34) Targeting UAE and Gulf Regions UNC5820 exploiting FortiManager flaw BrowserStack Data Breach Mozi Botnet Using AndroxGh0st Toolkit to Target Cloud Environments Prometei campaign RCE Vulnerability in PAN-OS Exploited in-the-Wild BrazenBamboo Weaponizes FortiClient Vulnerability to Steal Credentials Earth Kasha’s Campaign Exploiting Fortinet Vulnerability State-Sponsored APT Abuse Visual Studio Code in Attacks Mauri Ransomware Exploiting Apache ActiveMQ Cleo Vulnerabilities Targeted by Cl0p Ransomware Byte Federal Data Breach via Gitlab Vulnerability RCE Vulnerability in Apache Struts Targeted by Attackers US Treasury Breach Exploitation in the Wild of Aviatrix Controller RCE

Last edited

May 19, 2024 9:42 AM

Status

Stub

Defenses

Vulnerability Scanning Workload Runtime Protection Proxy

Made with 💙 by Wiz

Last Updated: June 25, 2024