Common Information
| Type | Value |
|---|---|
| Value |
Cloud Accounts - T1586.003 |
| Category | Attack-Pattern |
| Type | Mitre-Attack-Pattern |
| Misp Type | Cluster |
| Description | Adversaries may compromise cloud accounts that can be used during targeting. Adversaries can use compromised cloud accounts to further their operations, including leveraging cloud storage services such as Dropbox, Microsoft OneDrive, or AWS S3 buckets for [Exfiltration to Cloud Storage](https://attack.mitre.org/techniques/T1567/002) or to [Upload Tool](https://attack.mitre.org/techniques/T1608/002)s. Cloud accounts can also be used in the acquisition of infrastructure, such as [Virtual Private Server](https://attack.mitre.org/techniques/T1583/003)s or [Serverless](https://attack.mitre.org/techniques/T1583/007) infrastructure. Compromising cloud accounts may allow adversaries to develop sophisticated capabilities without managing their own servers.(Citation: Awake Security C2 Cloud) A variety of methods exist for compromising cloud accounts, such as gathering credentials via [Phishing for Information](https://attack.mitre.org/techniques/T1598), purchasing credentials from third-party sites, conducting [Password Spraying](https://attack.mitre.org/techniques/T1110/003) attacks, or attempting to [Steal Application Access Token](https://attack.mitre.org/techniques/T1528)s.(Citation: MSTIC Nobelium Oct 2021) Prior to compromising cloud accounts, adversaries may conduct Reconnaissance to inform decisions about which accounts to compromise to further their operation. In some cases, adversaries may target privileged service provider accounts with the intent of leveraging a [Trusted Relationship](https://attack.mitre.org/techniques/T1199) between service providers and their customers.(Citation: MSTIC Nobelium Oct 2021) |
| Details | Published | Attributes | CTI | Title | ||
|---|---|---|---|---|---|---|
| Details | Website | 2024-10-30 | 0 | How Cybersecurity Companies in Dubai Enhance Cloud Security for Businesses | ||
| Details | Website | 2024-10-29 | 0 | Evasive Panda Deploys Advanced CloudScout Malware to Steal Data from Taiwanese Institutions - CloudSEK News | ||
| Details | Website | 2024-10-28 | 0 | Key Modules in the Offensive Cloud Learning Path | ||
| Details | Website | 2024-10-25 | 3 | Learn Cloud Pentesting (Roadmap) and earn in $100,000—$150,000 | ||
| Details | Website | 2024-10-23 | 2 | Why DSPM is Essential for Achieving Data Privacy in 2024 | ||
| Details | Website | 2024-10-22 | 0 | LLMjacking and Open-Source Tool Abuse Surge in 2024 Cloud Attacks | ||
| Details | Website | 2024-10-22 | 0 | Sysdig 2024 global threat report | ||
| Details | Website | 2024-10-22 | 0 | Sysdig 2024 global threat report | ||
| Details | Website | 2024-10-18 | 27 | Iranian Cyber Actors’ Brute Force and Credential Access Attacks: CISA Alert AA24-290A | ||
| Details | Website | 2024-10-18 | 8 | Elevate Your Threat Hunting with Elastic — Elastic Security Labs | ||
| Details | Website | 2024-10-17 | 0 | Day 17 — How Secure is Your Data in the Cloud? | ||
| Details | Website | 2024-10-17 | 1 | Pitfalls of Cloud Sprawl and How to Avoid Them | ||
| Details | Website | 2024-10-16 | 7 | How to Build Custom Controls in Sysdig Secure | ||
| Details | Website | 2024-10-16 | 108 | Iranian Cyber Actors’ Brute Force and Credential Access Activity Compromises Critical Infrastructure Organizations | CISA | ||
| Details | Website | 2024-10-16 | 7 | How to Build Custom Controls in Sysdig Secure | ||
| Details | Website | 2024-10-10 | 27 | Russian SVR Exploiting Unpatched Vulnerabilities in Global Cyber Campaign | ||
| Details | Website | 2024-10-09 | 0 | Cybersecurity Tip Day 3: Enable MFA and Multiple Positions to Your Routine | ||
| Details | Website | 2024-10-09 | 11 | Container security best practices: Comprehensive guide | ||
| Details | Website | 2024-10-08 | 0 | Cloudflare acquires Kivera to add simple, preventive cloud security to Cloudflare One | ||
| Details | Website | 2024-10-07 | 141 | Mind the (air) gap: GoldenJackal gooses government guardrails | ||
| Details | Website | 2024-10-03 | 2 | A Single Cloud Compromise Can Feed an Army of AI Sex Bots | ||
| Details | Website | 2024-10-03 | 0 | Cybersecurity Spending on the Rise, But Security Leaders Still Feel Vu | ||
| Details | Website | 2024-10-03 | 2 | A Single Cloud Compromise Can Feed an Army of AI Sex Bots – Krebs on Security | ||
| Details | Website | 2024-10-02 | 57 | Separating the bee from the panda: CeranaKeeper making a beeline for Thailand | ||
| Details | Website | 2024-09-27 | 0 | Revolutionary DDI Services for the Hybrid, Multi-Cloud Era |