Benjamin Carr, Ph.D. 👨🏻💻🧬#Russia's #CozyBear (#APT29) dives into cloud environments with a new bag of tricks
One of the ways Cozy Bear breaks into victims' cloud services is via #bruteforce and #passwordspraying attacks aimed at getting access to accounts used to manage apps and services, and to those belonging to users who no longer work at the victim org – in other words, which that aren't regularly monitored by a human. Additionally, #Kremlin's spies frequently use tokens to access accounts
https://www.theregister.com/2024/02/27/russia_cozy_bear_new_ttps/
One of the ways Cozy Bear breaks into victims' cloud services is via #bruteforce and #passwordspraying attacks aimed at getting access to accounts used to manage apps and services, and to those belonging to users who no longer work at the victim org – in other words, which that aren't regularly monitored by a human. Additionally, #Kremlin's spies frequently use tokens to access accounts
https://www.theregister.com/2024/02/27/russia_cozy_bear_new_ttps/
