216.73.217.176

The State of Cloud Ransomware in 2024

· Published 14/11/2024 11:57 · Modified 14/11/2024 18:59

Export JSON

Essential information

Published
14/11/2024 11:57
Modified
14/11/2024 18:59
Tags
2024-11-14 CVE-2023-34362 bianlian cloud ransomware cloud security cspm data exfiltration identity management kms lockbit pandora ransomes rhysida s3 buckets web application attacks
Related entities
9 techniques (mitre), 5 malware

Description

attacks are evolving, primarily targeting storage services like Amazon S3 and Azure Blob Storage. Attackers exploit misconfigurations or use stolen credentials to access and encrypt data. Cloud service providers have implemented security measures, such as AWS's 7-day key deletion window, to mitigate risks. New techniques using customer-managed keys pose challenges for data recovery. Ransomware groups are also leveraging cloud services for . Web applications hosted in the cloud are vulnerable to extortion attacks, with tools like targeting PHP servers. Organizations are advised to use Posture Management solutions and enforce strong practices to protect against these emerging threats.

External references