Cloud attacks addition: Cloud Hopper and Cloudborne #11
Comments
undergroundwires
added a commit
that referenced
this issue
Oct 29, 2021
- Add Cloud Hopper and Cloudborne attacks #11 - Add Man-In-The-Cloud (MITC) attack - Add cloud cryptojacking threat - Minor improvements to risk and threats - Add privacy.sexy as cloud security tool
undergroundwires
added a commit
that referenced
this issue
Oct 29, 2021
- Add Cloud Hopper and Cloudborne attacks #11 - Add Man-In-The-Cloud (MITC) attack - Add cloud cryptojacking threat - Minor improvements to risk and threats - Add privacy.sexy as cloud security tool
|
Thank you for the advice, also thank you for writing content @EnjoyTheJoke |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
In Cloud attacks I would add a couple more that are included in official course-ware (v11) and show in exam prep questions:
Cloud Attacks: Cloud Hopper Attack
Cloud Hopper attacks are triggered at the managed service providers (MSPs) and their users
Attackers initiate spear-phishing emails with custom-made malware to compromise the accounts of staff or cloud service firms to obtain confidential information
Cloud Attacks: Cloudborne Attack
Cloudborne is a vulnerability residing in a bare-metal cloud server that enables the attackers to implant a malicious backdoor in its firmware. The malicious backdoor can allow the attackers to bypass the security mechanisms and perform various activities such as watching new user’s activity or behavior, disabling the application or server, and intercepting or stealing the data.
Vulnerabilities in the bare-metal cloud server and inappropriate firmware re-flashing can pave the way for attackers to install and maintain backdoor persistence.
The text was updated successfully, but these errors were encountered: