Gå ubegrenset med Magzter GOLD
Få ubegrenset tilgang til over 9000 magasiner, aviser og premiumhistorier for bare
Prøve GULL - Gratis
Native Data Breach: Anatomy Of A Cloud
Enterprise IT World
|June 2019
Case study of a real-life example of a cloud-native data breach, how it evolved and how it possibly could have been avoided.
The company is a photo-sharing social media application, with over 20 million users. It stores over 1PB of user data within Amazon Web Services (AWS), and in 2018, it was the victim of a massive data breach that exposed nearly 20 million user records. This is how it happened.
Step 1: Compromising a legitimate user. Frequently, the first step in a data breach is that an attacker compromises the credentials of a legitimate user. In this incident, an attacker used a spear-phishing attack to obtain an administrative user’s credentials to the company’s environment.
Step 2: Fortifying access. After compromising a legitimate user, a hacker frequently takes steps to fortify access to the environment, independent of the compromised user. In this case, the attacker connected to the company’s cloud environment through an IP address registered in a foreign country and created API access keys with full administrative access.
Step 3: Reconnaissance. Once inside, an attacker then needs to map out what permissions are granted and what actions this role allows.
Denne historien er fra June 2019-utgaven av Enterprise IT World.
Abonner på Magzter GOLD for å få tilgang til tusenvis av kuraterte premiumhistorier og over 9000 magasiner og aviser.
Allerede abonnent? Logg på
FLERE HISTORIER FRA Enterprise IT World
Enterprise IT World
Broadcom Makes VMware Cloud Foundation AI Native with Version 9.0
Broadcom has announced the general availability of VMware Cloud Foundation (VCF) 9.0, transforming the platform into an AI native private cloud solution.
1 min
September 2025
Enterprise IT World
Vertiv to Acquire Great Lakes Data Racks & Cabinets for $200 Million
Vertiv has signed an agreement to acquire Great Lakes Data Racks & Cabinets (Great Lakes) for $200 million, in a move aimed at strengthening its Already infrastructure portfolio.
1 min
September 2025
Enterprise IT World
SentinelOne's Observo AI Acquisition Signals Rising Urgency in Telemetry Data Management
Enterprises are accelerating their shift towards unified telemetry frameworks as fragmented data pipelines drive cost, complexity, and operational risk.
1 min
September 2025
Enterprise IT World
INDIA'S JOB MARKET COOLS IN JULY, BUT TECH ROLES POWER AHEAD
Formal employment slows, pay transparency dips, but high-skill demand drives resilience
2 mins
September 2025
Enterprise IT World
SAP Launches Sovereign Cloud in India to Power Secure and Compliant Innovation
SAP, a global leader in enterprise application software and business Al, has launched its SAP Sovereign Cloud in India, a significant step toward strengthening the nation's digital sovereignty.
1 min
September 2025
Enterprise IT World
Sophos Endpoint Now Natively Integrated with Taegis MDR and XDR
Sophos has announced the native integration of Sophos Endpoint into all Taegis MDR and XDR subscriptions, marking a major step in delivering unified cybersecurity solutions with improved ROI.
1 min
September 2025
Enterprise IT World
Indus Towers Begins Global Expansion with Entry into African Markets
Indus Towers Limited, India's leading telecom infrastructure provider, has announced its strategic entry into Africa, marking the company's first international expansion.
1 min
September 2025
Enterprise IT World
BharatGen Secures INR 988.6 Crore Funding Under IndiaAl Mission to Lead India's Sovereign AI Push
Bharat Gen, India's first government-backed multimodal sovereign AI initiative, has been awarded INR 988.6 crore under the India AI Mission, making it the largest beneficiary of the Ministry of Electronics and Information Technology's (MeitY) INR 1,500 crore allocation.
1 min
September 2025
Enterprise IT World
Smarter Security: Akamai and Seraphic Join Forces to Simplify SSE with Secure Enterprise Browsing
Akamai Technologies has entered into a strategic partnership with Seraphic Security to integrate secure enterprise browser (SEB) technology into its Zero Trust portfolio, marking a major step toward simplifying security service edge (SSE) architectures.
1 min
September 2025
Enterprise IT World
TCS Partners with NVIDIA to Accelerate AI Adoption in Retail
Tata Consultancy Services (TCS) has announced a strategic partnership with NVIDIA to integrate accelerated computing and AI Enterprise software into its retail solutions, helping global retailers drive operational efficiency, reduce costs, and scale innovation.
1 min
September 2025
Translate
Change font size