Phishing has been a favored attack vector for threat actors for nearly three decades, and its utilization persists until it loses its effectiveness. The success of phishing largely hinges on exploiting the weakest link in an organization’s cybersecurity chain—human behavior.
“Phishing is largely the same whether in the cloud or on-prem[ise], in that it’s exploiting human behavior more than it’s exploiting technology,” said Emily Phelps, director at Cyware.
These attacks primarily aim to pilfer credentials, granting threat actors unfettered access within an organization’s infrastructure. Yet, successful cloud-based phishing assaults might be more intricate due to the nuanced ownership of the environment.
Phelps explained that in an on-premise scenario, a compromised ecosystem would be under the jurisdiction of an organization’s security and IT team. However, in the cloud—like AWS or Azure—a breached environment is managed by respective organizations yet ultimately owned by Amazon or Microsoft.
Cloud Emerges as the Preferred Phishing Arena
As an increasing number of applications gravitate toward cloud computing, threat actors are unsurprisingly drawn to exploit this realm. Palo Alto Networks Unit 42’s report unveiled a staggering 1100% surge in newly identi
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: