{"id":18525,"date":"2022-03-17T06:10:03","date_gmt":"2022-03-17T14:10:03","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2022\/03\/17\/news-12258\/"},"modified":"2022-03-17T06:10:03","modified_gmt":"2022-03-17T14:10:03","slug":"news-12258","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2022\/03\/17\/news-12258\/","title":{"rendered":"Clouding the issue: what cloud threats lie in wait in 2022?"},"content":{"rendered":"

Credit to Author: Christopher Boyd| Date: Thu, 17 Mar 2022 13:25:43 +0000<\/strong><\/p>\n

As more services move ever cloud-wards, so too do thoughts by attackers as to how best exploit them. With all that juicy data sitting on someone else\u2019s servers, it\u2019s essential that they run a tight ship. You\u2019re offloading some of your responsibility onto a third party, and sometimes things can go horribly wrong as a result. Whether it\u2019s the third party being exploited, or something targeting the cloud users themselves, there\u2019s a lot to think about.<\/p>\n

We offered some thoughts in a recent article on potential cloud issues<\/a>. Below are some other areas of concern which spring to mind. The linked article focuses on misconfiguration, phishing issues, limiting data share, and the ever-present Internet of Things. Below, we dig into a few of those. We also offer some additional opinions on where other attacks of interest may lie.<\/p>\n

Cryptocurrency wallet attacks<\/h2>\n

Digital wallet phish attempts are rampant on social media, and we expect this to rise. People new to cryptocurrency often gravitate to services which take the hassle out of setting everything up. Third party-services which look after your private keys are known as custodial wallets. Private keys are important because they\u2019re your digital keys to your Bitcoin kingdom.<\/p>\n

You\u2019re essentially giving the third-party full control of managing things for you. If the third party is compromised or exploited in some way, what happens to your stolen funds may take some time to resolve. You may well get it back, but you likely won\u2019t be able to put any timeline to that process.<\/p>\n

Some folks may feel the above process isn\u2019t as secure as storing their cryptocurrency on standalone devices. So-called \u201ccold wallets\u201d are typically offline hardware devices, with no internet capability and the ability to manage only a few types of digital currency.<\/p>\n

This is at odds with the \u201chot\u201d custodial wallets which typically plug into many forms of currency, and provide various online services. It\u2019s a bit like the difference between using an online, cloud based password manager run by a third-party company, or running a totally local password manager operated by you and you alone. <\/p>\n

If something goes wrong with your cold wallet, should you lose it or have it stolen, nobody is coming to help. This is a lot of responsibility if you\u2019re dealing with large amounts of currency. On the other hand, do you want to take the risk of plugging large amounts into something whose management is up to someone else?<\/p>\n

Even if people avoid being phished<\/a>, stealer malware which hunts for private keys and\/or logins are becoming increasingly popular<\/a>. Users may also run into trouble if something goes wrong at the organisation looking after their private keys. It\u2019s an incredibly complex landscape fraught with problems, and this is why we\u2019ll continue to see people hit by all manner of cryptocurrency scams for some time to come.<\/p>\n

Ransomware supply chain triple-threat<\/h2>\n

Ransomware will continue to cause problems in supply chains and leverage so-called triple threat attacks<\/a>. This is where multiple forms of pressure are placed upon the victim to convince them to pay up. This method of attack is sure to remain popular, becoming a viable alternative to \u201cjust\u201d using double extortion tactics.<\/p>\n

For example, demanding ransom with the threat of leaking data could be considered a double threat extortion. Meanwhile, attacks like BlackCat went all-in on triple-threats towards the end of 2021. BlackCat didn\u2019t only demand a ransom under threat of data leaks; it also promised to fire up a DDoS (distributed denial of service) if the ransom wasn\u2019t paid<\/a>.<\/p>\n

Targets who keep all files in the cloud only (no local or offsite backups) are great marks for blackmailers. Indeed, even where backups exist, they may not be as effective<\/a> as they once were due to additional threats beyond a ransom payment. Sure, you won\u2019t lose your data if you have backups, the attackers will say – but they’ll make sure a lot of it ends up on an underground forum somewhere regardless.<\/p>\n

This is why it\u2019s crucial to try and stop ransomware authors getting one foot in the door in the first place. Training staff not to open attachments from untrusted senders, keeping security updates up to date, and reducing services needlessly visible online can all help with this.<\/p>\n

The Metaverse<\/h2>\n

We expect to see various forms of harassment increase in virtual worlds as more people jump on the Metaverse bandwagon, with security and safety settings<\/a> playing catch up. <\/p>\n

The possibility exists for rogue advert manipulation and phishing should Meta decide to push ahead with virtual ad placement. There are also issues<\/a> with augmented reality privacy concerns, data breaches, and photo realistic representations of your living space for all to see. All this, before we even touch on the very big problem of harassment in virtual spaces<\/a>. Placing virtual bubbles around users so others can\u2019t digitally grope them is just one sorely needed tool to help combat harassers, but more needs to be done.<\/p>\n

Cloud services which reduce VR processing strain on user\u2019s machines could also become popular targets, especially where gaming is concerned. With more slices of the gaming pie being offloaded away from the user\u2019s machine, it\u2019s only natural to think they may take a hit.<\/p>\n

As we\u2019re seeing, it\u2019s not only game developers<\/a> at risk from being targeted. With hardware shortages generally making it more difficult to get hold of graphics cards and chips, subscription cloud services are viewed as an important alternative. Becoming a crucial tool in the battle against lack of components will mean they catch the eye of people with bad intentions. <\/p>\n

Misconfigured services<\/h2>\n

We finish off with that constant thorn in the side of the cloud: basic errors which consistently lead to security woes.<\/p>\n

Every year organisations fail to secure their cloud services<\/a> and data is leaked, exposed, and scraped by third parties. Even apps aren\u2019t free of cloud risks<\/a>, with tools designed to monitor children\u2019s online use accidentally exposing user IDs, plaintext passwords, and more thanks to missing security measures.<\/p>\n

Exposed data can lurk for months without discovery. It can also be used for blackmail and profit, and once it\u2019s online there\u2019s no going back. People often talk about \u201cleaky buckets\u201d in relation to misconfigured services. They\u2019re called buckets because they hold your data; unfortunately those leaks don\u2019t stand a chance of being fully plugged anytime soon.<\/p>\n

Whether your area of interest is IOT, ransomware, or even the Metaverse, it\u2019s well worth digging into some of these topics and keeping one eye on the news. Whether you\u2019re involved with the cloud at home or in the workplace, bad actors are figuring out ways to cause trouble – but that doesn\u2019t mean we have to let them.<\/p>\n

The post Clouding the issue: what cloud threats lie in wait in 2022?<\/a> appeared first on Malwarebytes Labs<\/a>.<\/p>\n

https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Credit to Author: Christopher Boyd| Date: Thu, 17 Mar 2022 13:25:43 +0000<\/strong><\/p>\n

We offer up some thoughts on where new and continuing attacks in the world of cloud may occur, alongside linking some current examples.<\/p>\n

The post Clouding the issue: what cloud threats lie in wait in 2022?<\/a> appeared first on Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[11728,11052,18056,4503,10987,7093,10495,24757,3924,3765,12046,19409],"class_list":["post-18525","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-cloud","tag-cryptocurrency","tag-cryptowallet","tag-cybercrime","tag-exploits","tag-hacks","tag-iot","tag-metaverse","tag-phishing","tag-ransomware","tag-server","tag-stalkerware"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/18525","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=18525"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/18525\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=18525"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=18525"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=18525"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}