
Leaked Environment Variables Allow Large-Scale Extortion Operation of Cloud Environments


We recount an extensive cloud extortion campaign leveraging exposed .env files of at least 110k domains to compromise organizations' AWS environments.

The Unit 42 reverse engineering team analyzed the malicious Lambda function, which consisted of a bash script configured to perform internet-wide scanning using a preconfigured set of sources containing millions of domains and IP addresses. When combined with Unit 42 Threat Intelligence, coupled with machine learning (ML) and user and entity behavior analytics (UEBA), security teams can detect exploited attack paths. The following queries are intended to assist Palo Alto Networks customers in hunting, investigating and detecting potentially malicious operations within their Cortex XDR and Prisma Cloud platforms.
