Intelligent CIO Europe Issue 85 | Page 18

LATEST INTELLIGENCE

CLOUD ACCOUNT COMPROMISE AND TAKEOVER

Fast Facts
DESCRIPTION
Cloud account compromise is the act of maliciously gaining control over a legitimate user’s cloud-based email or collaboration service account – giving the attacker wide-ranging access to data, contacts, calendar entries, email and other system tools. Beyond the compromised user’s data, the attacker can use the account to impersonate the user in social engineering attacks such as business email compromise (BEC) and more, both inside and outside of the organisation. Threat actors can access sensitive data, persuade users or outside business partners to wire money or damage an organisation’s reputation and finances. They can also install backdoors to maintain access for future attacks.

TYPES
• Credential theft – attackers exploit weak passwords, poor security systems and reused passwords from other sites to hack into systems.
• Malicious OAuth app – use OAuth token phishing and app impersonation to manipulate account owners into delegating permissions for accessing system resources.
• Insider threats – credential loss created by negligence or malicious intent.

TOOLS OF THE TRADE
• Phishing attacks, including OAuth token phishing.
• Brute-force attacks that automate credential guessing, such as Aircrack-ng and Jack the Ripper.
• Credential recycling or stuffing, which uses already stolen username and password pairs.
• Malware, including keyloggers and credential stealers such as PunkeyPOS and Spyrix.