"Credentials Account For Over Half of Cloud Compromises"
Google recently discovered that over half (55%) of public cloud compromises in the first three months of the year were down to a missing or weak password. According to Google, the second most common compromise factor in the period was misconfiguration, which accounted for 19% of incidents. Google said misconfigurations could also be linked to other compromise factors, such as exposure of sensitive UIs or APIs, which accounted for 12% of incidents. The company noted that the top risk action leading to compromise in Google Cloud environments was overwhelmingly cross-project abuse of the access token generation permission (75%), and stated that this can be associated with the MITRE ATT&CK tactic of privilege escalation and the technique of "valid accounts: cloud accounts." In second place came replacement of existing compute disks or snapshots, which accounted for 12% of alerts detected by Google.
Infosecurity reports: "Credentials Account For Over Half of Cloud Compromises"