Gå ubegrenset med Magzter GOLD

Gå ubegrenset med Magzter GOLD

Få ubegrenset tilgang til over 9000 magasiner, aviser og premiumhistorier for bare

$149.99
 
$74.99/År

Prøve GULL - Gratis

Native Data Breach: Anatomy Of A Cloud

Enterprise IT World

|

June 2019

Case study of a real-life example of a cloud-native data breach, how it evolved and how it possibly could have been avoided.

- Sanjay

Native Data Breach: Anatomy Of A Cloud

The company is a photo-sharing social media application, with over 20 million users. It stores over 1PB of user data within Amazon Web Services (AWS), and in 2018, it was the victim of a massive data breach that exposed nearly 20 million user records. This is how it happened.

Step 1: Compromising a legitimate user. Frequently, the first step in a data breach is that an attacker compromises the credentials of a legitimate user. In this incident, an attacker used a spear-phishing attack to obtain an administrative user’s credentials to the company’s environment.

Step 2: Fortifying access. After compromising a legitimate user, a hacker frequently takes steps to fortify access to the environment, independent of the compromised user. In this case, the attacker connected to the company’s cloud environment through an IP address registered in a foreign country and created API access keys with full administrative access.

Step 3: Reconnaissance. Once inside, an attacker then needs to map out what permissions are granted and what actions this role allows.

FLERE HISTORIER FRA Enterprise IT World

Enterprise IT World

Enterprise IT World

Broadcom Makes VMware Cloud Foundation AI Native with Version 9.0

Broadcom has announced the general availability of VMware Cloud Foundation (VCF) 9.0, transforming the platform into an AI native private cloud solution.

time to read

1 min

September 2025

Enterprise IT World

Enterprise IT World

Vertiv to Acquire Great Lakes Data Racks & Cabinets for $200 Million

Vertiv has signed an agreement to acquire Great Lakes Data Racks & Cabinets (Great Lakes) for $200 million, in a move aimed at strengthening its Already infrastructure portfolio.

time to read

1 min

September 2025

Enterprise IT World

Enterprise IT World

SentinelOne's Observo AI Acquisition Signals Rising Urgency in Telemetry Data Management

Enterprises are accelerating their shift towards unified telemetry frameworks as fragmented data pipelines drive cost, complexity, and operational risk.

time to read

1 min

September 2025

Enterprise IT World

INDIA'S JOB MARKET COOLS IN JULY, BUT TECH ROLES POWER AHEAD

Formal employment slows, pay transparency dips, but high-skill demand drives resilience

time to read

2 mins

September 2025

Enterprise IT World

Enterprise IT World

SAP Launches Sovereign Cloud in India to Power Secure and Compliant Innovation

SAP, a global leader in enterprise application software and business Al, has launched its SAP Sovereign Cloud in India, a significant step toward strengthening the nation's digital sovereignty.

time to read

1 min

September 2025

Enterprise IT World

Sophos Endpoint Now Natively Integrated with Taegis MDR and XDR

Sophos has announced the native integration of Sophos Endpoint into all Taegis MDR and XDR subscriptions, marking a major step in delivering unified cybersecurity solutions with improved ROI.

time to read

1 min

September 2025

Enterprise IT World

Enterprise IT World

Indus Towers Begins Global Expansion with Entry into African Markets

Indus Towers Limited, India's leading telecom infrastructure provider, has announced its strategic entry into Africa, marking the company's first international expansion.

time to read

1 min

September 2025

Enterprise IT World

Enterprise IT World

BharatGen Secures INR 988.6 Crore Funding Under IndiaAl Mission to Lead India's Sovereign AI Push

Bharat Gen, India's first government-backed multimodal sovereign AI initiative, has been awarded INR 988.6 crore under the India AI Mission, making it the largest beneficiary of the Ministry of Electronics and Information Technology's (MeitY) INR 1,500 crore allocation.

time to read

1 min

September 2025

Enterprise IT World

Smarter Security: Akamai and Seraphic Join Forces to Simplify SSE with Secure Enterprise Browsing

Akamai Technologies has entered into a strategic partnership with Seraphic Security to integrate secure enterprise browser (SEB) technology into its Zero Trust portfolio, marking a major step toward simplifying security service edge (SSE) architectures.

time to read

1 min

September 2025

Enterprise IT World

Enterprise IT World

TCS Partners with NVIDIA to Accelerate AI Adoption in Retail

Tata Consultancy Services (TCS) has announced a strategic partnership with NVIDIA to integrate accelerated computing and AI Enterprise software into its retail solutions, helping global retailers drive operational efficiency, reduce costs, and scale innovation.

time to read

1 min

September 2025

Translate

Share

-
+

Change font size