CISA Says”
Source: Cybersecurity & Infrastructure Security Agency (CISA) has warned businesses that rely on cloud services to look out for phishing campaigns and other threats that exploit poor cybersecurity practices and misconfigurations in cloud services. The agency said it is aware of several recent successful cyberattacks against unnamed victims. CISA stresses that its report is not tied to any one threat actor or specifically associated with any known incidents, like the recent SolarWinds hack, or other recent events. The actors involved in the attacks are said to have used phishing, brute force login attempts, and possibly a pass-the-cookie attackto exploit weaknesses in victim organizations cloud security practices.”]