Cloud Attacks for Crypto Mining

Notorious Hacker Group TeamTNT Launches New Cloud Attacks for Crypto Mining

Notorious Hacker Group TeamTNT Launches New Cloud Attacks for Crypto Mining Oct 26, 2024Ravie LakshmananCloud Security / Cryptocurrency The infamous cryptojacking group known as TeamTNT appears to be readying for a new large-scale campaign targeting cloud-native environments for mining cryptocurrencies and renting out breached servers to third-parties. “The group is Read more…

Researchers discover flaws in 5 end-to-end encrypted cloud services

Researchers discover flaws in 5 end-to-end encrypted cloud services Several major end-to-end encrypted cloud storage services contain cryptographic flaws that could lead to loss of confidentiality, file tampering, file injection and more, researchers from ETH Zurich said in a paper published this month. The five cloud services studied offer end-to-end Read more…

Major E2EE Cloud Storage Providers

Researchers Discover Severe Security Flaws in Major E2EE Cloud Storage Providers

Researchers Discover Severe Security Flaws in Major E2EE Cloud Storage Providers Oct 21, 2024Ravie LakshmananEncryption / Data Protection Cybersecurity researchers have discovered severe cryptographic issues in various end-to-end encrypted (E2EE) cloud storage platforms that could be exploited to leak sensitive data. “The vulnerabilities range in severity: in many cases a Read more…

Multi-Layered Cloud

5 Steps to Boost Detection and Response in a Multi-Layered Cloud

5 Steps to Boost Detection and Response in a Multi-Layered Cloud Oct 14, 2024The Hacker NewsCloud Security / Vulnerability The link between detection and response (DR) practices and cloud security has historically been weak. As global organizations increasingly adopt cloud environments, security strategies have largely focused on “shift-left” practices—securing code, Read more…

Adobe Stock

‘LLM hijacking’ of cloud infrastructure uncovered by researchers

‘LLM hijacking’ of cloud infrastructure uncovered by researchers “LLM hijacking” of cloud infrastructure for generative AI has been leveraged by attackers to run rogue chatbot services at the expense of victims, Permiso researchers reported Thursday. Attacks on Amazon Bedrock environments, which support access to foundational large language models (LLMs) such Read more…

Hybrid Cloud Ransomware Attacks

Microsoft Identifies Storm-0501 as Major Threat in Hybrid Cloud Ransomware Attacks

Microsoft Identifies Storm-0501 as Major Threat in Hybrid Cloud Ransomware Attacks The threat actor known as Storm-0501 has targeted government, manufacturing, transportation, and law enforcement sectors in the U.S. to stage ransomware attacks. The multi-stage attack campaign is designed to compromise hybrid cloud environments and perform lateral movement from on-premises Read more…