Similarly to what I have done in 2022, 2021, and 2020,  I am listing those cyber attacks, whose information is available via OSINT, which exploited the cloud in one or more stages of the attack chain.

The campaigns are classified in four categories: Delivery and Exploitation (the cloud service is exploited to deliver a malware strain or a phishing page), Actions on Objective (the cloud service is exploited to steal data, or launch other attacks), Command and Control (the cloud service is exploited as a command and control infrastructure), and Data Exfiltration (the cloud service is used as a drop zone for the exfiltrated data).

Below you will find some statistics and a table with detailed information on the attacks.

Cloud-Native Threats 2023 - Top Exploited Cloud Services

No Data Found

Cloud-Native Threats 2023 - Top Exploitation Purposes

No Data Found

Cloud-Native Threats 2023 - Motivations

No Data Found

Cloud-Native Threats 2023 - Top Exploited Services: Delivery

No Data Found

Cloud-Native Threats 2023 - Top Exploited Services: Command and Control

No Data Found

Cloud-Native Threats 2023 - Top Exploited Services: Actions on Objective

No Data Found

Cloud-Native Threats 2023 - Top Exploited Services: Data Exfiltration

No Data Found

Cloud-Native Threats 2023 - Top Exploited Services: Cyber Crime

No Data Found

Cloud-Native Threats 2023 - Top Exploited Services: Cyber Espionage

No Data Found

Enjoy the interactive timeline, and thanks for sharing it, and supporting my work in spreading the risk awareness across the community. Also, don’t forget to follow @paulsparrows on Twitter, or even connect on Linkedin, or Mastodon for the latest updates.

BE NOTIFIED OF NEW BLOG POSTS: SUSCRIBE!

SUPPORT MY WORK!

Cloud-Native Threats in 2021

I am starting a new project to track cloud-native threats, similarly to what I have done in 2020, with an interactive timeline. As soon as I collect more data I will start to generate some statistics.

Continue Reading
POPULAR POSTS
  • network servers on an enclosureCVEs Targeting Remote Access Technologies

    In this first quarter of 2024, threat actors have been particularly busy in exploiting vulnerabilities (0-days but also old unpatched flaws) targeting traditional remote access technologies. In this blog post I summarized the main CVEs exploited so far in 2024.

  • 2023 Stats Featrured Image2024 Cyber Attacks Statistics

    In 2023, there was a 35% increase in cyber attacks to 4,128 events, with the MOVEit CVE-2023-34362 vulnerability being heavily exploited. Cybercrime dominated as the main motivation at 79%, while malware led attack techniques with 35.9%. Healthcare remained a top target for ransomware. The data ...

  • List Of Hacked Celebrities Who Had (Nude) Photos Leaked

    During Summer we always try to spend our free time in a more profitable manner, for instance reading gossip chronicles. From this point of view, July 2012 has not been a particularly lucky month for Carly Rae Jepsen. On July the 7th, her website has been ...

  • computer program language text1-15 February 2024 Cyber Attacks Timeline

    In the cyber attacks timeline of February H1 2024, I collected 139 events dominated by malware attacks. Ransomware and vulnerabilities also played an important role in the threat landscape.

  • Q4 2023 Featured ImageQ4 2023 Cyber Attacks Statistics

    In Q4 2023, cyber attack events decreased by 7.1% to 1029 compared to the previous quarter. Cybercrime remains the primary motive, although slightly reduced, while malware tops attack techniques, increasing from the last quarter. Multiple industries and healthcare are the most targeted sectors. These statistics ...

FOLLOW ME ON TWITTER
CLOUD NATIVE THREATS IN 2022 INFOGRAPHIC
Cloud Native Threats in 2022 Infographic

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.