Last Updated on February 14, 2022

I am starting a new project to track cloud-native threats, similarly to what I have done in 2020, with an interactive timeline. As soon as I collect more data I will start to generate some statistics. As usual the information is collected from open sources such as blogs, online news outlets, etc.

The campaigns are classified in four categories: Delivery and Exploitation (the cloud service is exploited to deliver a malware strain or a phishing page), Actions on Objective (the cloud service is exploited to steal data, or launch other attacks), Command and Control (the cloud service is exploited as a command and control infrastructure), and Data Exfiltration (the cloud service is used as a drop zone for the exfiltrated data).

Clicking on each box, whose logo shows the exploited service, opens a pop-up window with the details of the campaign, including the link to the orginal article (at the bottom of the window).

Of course if you have news of any similar campaign that I have omitted, feel free to let me know! And of course follow @paulsparrows on Twitter and LinkedIn for the latest updates.

This Post Has 3 Comments

  1. d

    welld one

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.