"Cloud Misconfigurations Expose 110,000 Domains to Extortion in Widespread Campaign"
Palo Alto Networks found a threat actor extorting organizations after compromising their cloud environments using accidentally exposed environment variables. The researchers warn that the large-scale extortion campaign has targeted 110,000 domains using exposed .env files with sensitive data on unsecured web applications and misconfigured servers. These files enable organizations to define configuration variables for their web applications, often including hard-coded access keys for cloud services, Software-as-a-Service (SaaS) Application Programming Interface (API) keys, and more. This article continues to discuss findings regarding the extortion campaign.
Submitted by grigby1
Submitted by Gregory Rigby
on