Cloud 101
Circle
Events
Blog

Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Industry Insights
Beyond BEC: How Modern Phishing Has Evolved Past Email
Published: 02/02/2023

Originally published by Lookout. Written by Hank Schless, Lookout. Business email compromise (BEC) is big business for malicious actors. According to the 2021 FBI Internet Crime Report, BEC was responsible for nearly $2.4 billion in cyber crime losses in 2021. At its root, it’s a type of ph...

Reframing Password Management: What We Learned from the LastPass Breach
Published: 02/02/2023

Originally published by BARR Advisory. In August of 2022, LastPass, the cloud-based password saver, was breached as bad actors stole information that would eventually lead them to access a copy of the data vaults of tens of thousands of customers. When the firm was hacked for a second time in Nov...

Protect Your Organization from BlackCat Ransomware Attacks
Published: 01/18/2023

Originally published by Titaniam. Where there is value for organizations online, there will be a cybercriminal ready with a ransomware attack to exploit it. Since they first emerged in December of 2021, BlackCat Ransomware has become another example of a ring of cybercriminals who practice the mo...

The Discovery of a Massive Cryptomining Operation Leveraging GitHub Actions
Published: 01/18/2023

Originally published by Sysdig on October 25, 2022. Written by Crystal Morin, Sysdig. The Sysdig Threat Research Team (Sysdig TRT) recently uncovered an extensive and sophisticated active cryptomining operation in which a threat actor is using some of the largest cloud and continuous integration ...

Could Double Extortion Prompt a Public Health Crisis?
Published: 01/05/2023

Originally published by CXO REvolutionaries on November 15, 2022. Written by Kyle Fiehler, Senior Transformation Analyst, Zscaler. Ransomware actors targeting Australia’s most prominent healthcare insurer have taken the gloves off. After Medibank refused to pay a ransom for the return of data bel...

Combat Attacks Where They Most Often Start: Applications
Published: 01/04/2023

Originally published by TrueFort. Written by Mike Powers, TrueFort. The application environment is one of the most targeted among cyber criminals and has reached a point where organizations can no longer pose the question of “if” there will be an attack on, but “when” there is an attack. The atta...

How to Prevent Account Takeover Fraud
Published: 12/29/2022

Originally published by TokenEx. Written by Anni Burchfiel, TokenEx. Quick Hits:Account takeover fraud is the most popular kind of cyberattack for hackers looking to make a large sum of money quickly.Businesses affected by account takeover attacks (ATOs) often lose large numbers of customers due ...

Punisher Ransomware Spreading Through Fake COVID Site
Published: 12/22/2022

Originally published by Cyble on November 25, 2022. New Variant Of Ransomware Targeting Chile Most organizations experienced an increase in cyber-attacks during the COVID-19 pandemic. Threat Actors (TAs) leveraged the COVID-19 pandemic as a thematic lure to infect users with different malware fam...

Top Threat #11 to Cloud Computing: Cloud Storage Data Exfiltration
Published: 12/18/2022

Written by the CSA Top Threats Working Group. The CSA Top Threats to Cloud Computing Pandemic Eleven report aims to raise awareness of threats, vulnerabilities, and risks in the cloud. The latest report highlights the Pandemic Eleven top threats, in which the pandemic and the complexity of worklo...

The Top Cloud Computing Risk Treatment Options
Published: 12/17/2022
Author: Megan Theimer

Cloud threats pose great harm to organizations’ business objectives. Storage, compute, and even network services have been subjected to nefarious attacks. Since cloud compliance and security is a shared responsibility, every organization should collaborate with their cloud service providers to im...

New Kiss-a-Dog Cryptojacking Campaign Targets Vulnerable Docker and Kubernetes Infrastructure
Published: 12/09/2022

Originally published by CrowdStrike on October 26, 2022. Written by Manoj Ahuje, CrowdStrike. CrowdStrike has uncovered a new cryptojacking campaign targeting vulnerable Docker and Kubernetes infrastructure using an obscure domain from the payload, container escape attempt and anonymized “...

’Tis the Season for eCrime
Published: 12/05/2022

Originally published by CrowdStrike. Written by Bart Lenaerts-Bergmans, CrowdStrike. Financially motivated criminal activities, aka “eCrime,” happen in waves. They come and go as adversaries develop new tools and target vulnerable victims. Similar to how investors track stock market activity usin...

Top Threat #10 to Cloud Computing: Organized Crime, Hackers, and APT
Published: 12/04/2022

Written by the CSA Top Threats Working Group.The CSA Top Threats to Cloud Computing Pandemic Eleven report aims to raise awareness of threats, vulnerabilities, and risks in the cloud. The latest report highlights the Pandemic Eleven top threats, in which the pandemic and the complexity of workloa...

Uber’s Internal Network Breach and Business-Critical SaaS Data Compromise
Published: 12/02/2022

Originally published by DoControl on September 16, 2022. Written by Corey O'Connor, DoControl. Multiple sources have reported that Uber has become the next victim to a man-in-the-middle attack with social engineering and Multi-factor Authentication (MFA) compromise at its core. In this example, t...

Detecting and Mitigating CVE-2022-42889 a.k.a. Text4shell
Published: 12/02/2022

Originally published by Sysdig. Written by Miguel Hernández, Sysdig. A new critical vulnerability CVE-2022-42889 a.k.a. Text4shell, similar to the old Spring4Shell and Log4Shell, was originally reported by Alvaro Muñoz on the very popular Apache Commons Text library. The vulnerability is rated...

Advisory: Persistent MFA Circumvention in an Advanced BEC Campaign on Microsoft 365 Targets
Published: 12/01/2022

Originally published by Mitiga. Written by Mitiga's Research Team. Mitiga spotted a sophisticated, advanced business email compromise campaign, targeting Microsoft 365 organizations, leveraging inherent weaknesses in Microsoft 365 MFA, Microsoft Authenticator, and Microsoft 365 Identity Protectio...

AXLocker, Octocrypt, And Alice: Leading A New Wave Of Ransomware Campaigns
Published: 11/30/2022

Originally published by Cyble. AXLocker Ransomware Stealing Victim’s Discord Tokens Ransomware is one of the most critical cybersecurity problems on the internet and possibly the most powerful form of cybercrime plaguing organizations today. It has rapidly become one of the most important and pro...

Preventing Hyperjacking in a Virtual Environment
Published: 11/29/2022

Originally published by Entrust. Written by Iain Beveridge and Dave Stevens, Entrust. In the rapidly evolving world of information security, attack vectors, and cyberattacks, there is a regular cadence of new industry terms to grapple with. Hyperjacking is a term you may not have come across. It ...

Password Hash Cracking, User Cloning, and User Impersonation: Three Risks Every SAP Customer Should Know
Published: 11/28/2022

Originally published by Onapsis. Written by Thomas Fritsch, Onapsis. The easiest (and a significantly profitable) way for attackers to get into a system is logging in with valid user credentials. According to a recent report, breaches that are caused by stolen or compromised credentials are not o...

Top Threat #9 to Cloud Computing: Misconfiguration and Exploitation of Serverless and Container Workloads
Published: 11/20/2022

Written by the CSA Top Threats Working Group.The CSA Top Threats to Cloud Computing Pandemic Eleven report aims to raise awareness of threats, vulnerabilities, and risks in the cloud. The latest report highlights the Pandemic Eleven top threats, in which the pandemic and the complexity of workloa...

Browse by Topic
Write for the CSA blog
Submit your blog proposal

Sign up to receive CSA's latest blogs

This list receives 1-2 emails a month.