Bharat Bhise HNA: Understanding the Cloud’s Most Common Vulnerabilities can Help Prevent Cyberattacks
With more businesses transitioning to the cloud, Bharat Bhise HNA stresses that the risk of targeted malicious attacks, data breaches, and threats also increases. Consider the recently discovered 'Cloud Snooper' attack: it makes use of a rootkit to bring malicious traffic to an individual's on-premise firewall and AWS. Afterward, a remote access trojan (RAT) is dropped. While this is a new attack method, many hackers continue to rely on time-tested techniques to gain entry into important organizational data. A misconfigured API or API credentials exposure is one of the widest known methods to access a cloud environment. Once an attacker gets an access key, they use it on a platform of their control and run API calls for privilege escalation or malicious activity. These keys are usually exposed through BitBucket, Github, and shared snapshots or images. Bharat Bhise HNA shares an example of this kind of attack, which was the recent leak of personal information from over