A comprehensive threat intelligence database of cloud security incidents, actors, tools and techniques
Vollständige DatenbankFeatured actors
Dive into the profiles of threat actors involved in cloud security incidents, shedding light on their motivations and tooling, to aid in risk assessment and threat modeling.
Dreambus botnet
The Dreambus botnet is adept at exploiting weaknesses in various Internet-facing applications, including PostgreSQL, Hadoop, Redis, and other popular software. The operators behind this activity appear to be financially motivated, as infections result in cryptojacking.LAPSUS$
LAPSUS$ were notorious extortionists that managed to gain access to multiple large organizations throughout 2022 via social engineering and SIM swapping, and in some cases moved laterally into their targets’ cloud environments.Featured techniques
An overview of attack techniques used by threat actors in cloud security incidents, aligned with the MITRE ATT&CK matrix framework for additional context.
Ausgewählte Vorfälle
Eine historische Sammlung vergangener Cloud-Sicherheitsvorfälle und -kampagnen, die Einblicke in Targeting-Muster, anfängliche Zugriffsmethoden und effektive Auswirkungen bietet.
FAQ
The Cloud Threat Landscape is a curated public instance of Wiz Research’s internal cloud threat intelligence database, summarizing information about publicly disclosed cloud security incidents and campaigns. Additionally, the database lists threat actors known to have compromised cloud environments, the tools and techniques in their arsenal, and the technologies they prefer to target.
Crying Out CloudDer Newsletter
Melden Sie sich an, um die neuesten Updates zur Cloud-Sicherheit direkt in Ihren Posteingang zu erhalten
Erstklassige Forschung zu Cloud-Angriffen
- Incidents documented
0
- Actors profiled
0
- Technologies targeted
0
- Techniques explained
0