Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Boffins find that over nine out of ten 'ethical' hackers are being a bit naughty when it comes to cloud services

From: InfoSec News <alerts () infosecnews org>
Date: Wed, 17 Jun 2020 08:31:20 +0000 (UTC)
https://www.theregister.com/2020/06/17/cloud_services_hacking/

By Thomas Claburn in San Francisco
The Register
17 June 2020
Infosec pros and hackers regularly abuse cloud service providers to conduct reconnaissance and attacks, despite efforts by cloud providers to limit such activity.
In a recent research paper titled "Cloud as an Attack Platform" [PDF], five boffins from Texas Tech University – Moitrayee Chatterjee, Prerit Datta, Faranak Abri, Akbar Siami-Namin, and Keith Jones – describe a series of interviews they conducted with computer security pros attending the Black Hat and DEF CON conferences.
Of the 75 security professionals and hackers they spoke with as a part of a larger examination of attacker psychology, more than 93 per cent admitted to abusing cloud services to create attack environments and launch attacks.
"We observed that these professional hackers often employ common strategies to abuse the cloud platform for its resource-efficient features in order to remain stealthy and silent while probing target machines, collecting victim data, discovering vulnerabilities, and launching attacks," the paper explains. 

[...]

--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
Previous By Date Next
Previous By Thread Next

Current thread: