Hi G33Ks, This was shared by Shravan, As it was very short content in the email. I thought of elaborating and reposting it in an easy way for the Team.
*T*he recently issued Imperva’s Hacker Intelligence Initiative report on Man-in-the-Cloud (MITC) attacks details how threat actors abuse popular cloud storage services for illegal activities. The experts have analyzed a number of cloud storage services including Dropbox, Google Drive, Box, and Microsoft OneDrive. The report shows how hackers exploit common file synchronization services for command and control (C&C) communications, remote access, data exfiltration and endpoint hacking by reconfiguring them. *What is It ? * Attackers can gain access to file synchronization accounts without compromising victim’s credentials. The experts explained that even if the tokens are encrypted on the local device, hackers can easily access and decrypt them to synchronize any device with the victim’s account. Man-in-the-Cloud attacks are easy to run, in some cases attacks can maintain access to the compromised account installing a backdoor, the access will be granted even after victims change their password. The expert noticed that in the case of Dropbox, the authentication tokens not change even if the password is changed, meanwhile Google Drive revokes all tokens and requires users to re-authenticate each device using account credentials following a password reset. *Source:* http://securityaffairs.co/wordpress/39137/cyber-crime/man-in-the-cloud-attacks.html *Further Readings:* http://www.imperva.com/docs/imperva_Hacker_Intelligence_Initiative_No22_Jul2015_v1d.pdf http://securityaffairs.co/wordpress/38978/cyber-crime/apt-29-report.html http://securityaffairs.co/wordpress/37468/cyber-crime/global-phishing-survey-2h2014.html Thanks Shravan for the share. Cheers, Naik -- You received this message because you are subscribed to the Google Groups "NFORCEIT" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send an email to [email protected]. Visit this group at http://groups.google.com/group/nforceit. For more options, visit https://groups.google.com/d/optout.
