FYSA
CISA is aware of several recent successful cyberattacks against various
organizations' cloud services. Threat actors used a variety of tactics and
techniques, including phishing and brute force logins, to attempt to exploit
weaknesses in cloud security practices.
In response, CISA has released [Analysis Report AR21-013A: Strengthening
Security Configurations to Defend Against Attackers Targeting Cloud Services]
which provides technical details and indicators of compromise to help detect
and respond to potential attacks.
CISA encourages users and administrators to review [AR21-013A] and apply the
recommendations to strengthen cloud environment configurations.
Link: https://us-cert.cisa.gov/ncas/analysis-reports/ar21-013a
For more information, contact central@xxxxxxxxxxxx<mailto:central@xxxxxxxxxxxx>
Theresa A. Masse
Cyber Security Advisor, Region X (Oregon)
Cybersecurity and Infrastructure Security Agency
Department of Homeland Security
Phone: (503) 930-5671 Email:
theresa.masse@xxxxxxxxxxxx<mailto:theresa.masse@xxxxxxxxxxxx>