Attackers discovering exposed cloud assets within minutes – TechTarget
A six-month study from security vendor Orca Security that simulated exposed cloud assets found that threat actors discovered and breached the resources at surprisingly fast speeds.
In the research posted to the vendor’s blog Tuesday, titled “2023 Honeypotting in the Cloud Report: Attackers Discover and Weaponize Exposed Cloud Assets and Secrets in Minutes,” Orca deployed a series of honeypots on nine different cloud environments to simulate misconfigured resources and study the threat actors that attempt to compromise them.
The vendor said it deployed honeypots to AWS S3 buckets, Docker Hub, Amazon Elastic Container Registry, Elasticsearch, GitHub, HTTP, Amazon Elastic Block Storage, Redis and SSH. Moreover, each honeypot included an AWS secret access key and a number of “breadcrumbs” to lead threat actors to the instances.
The study found that cloud threat actors moved fast. Threat actors discovered GitHub assets within two minutes, HTTP within three minutes, SSH within four…
The post Attackers discovering exposed cloud assets within minutes – TechTarget first appeared on SEO, Marketing and Social News | OneSEOCompany.com.
source: https://news.oneseocompany.com/2023/06/20/attackers-discovering-exposed-cloud-assets-within-minutes-techtarget_2023062046371.html
Your content is great. However, if any of the content contained herein violates any rights of yours, including those of copyright, please contact us immediately by e-mail at media[@]kissrpr.com.