![It's raining credentials. [Research Saturday]](https://megaphone.imgix.net/podcasts/58ab7ae0-def8-11ea-b34c-b35b208b0539/image/f873f2ed2bf2868969a07ebae4846fbf.png?ixlib=rails-4.3.1&max-w=3000&max-h=3000&fit=crop&auto=format,compress)
It's raining credentials. [Research Saturday]
CyberWire Daily · N2K Networks
Audio is streamed directly from the publisher (pdst.fm) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
Alex Delamotte from SentinelLabs joins Dave to discuss their work on "Cloudy With a Chance of Credentials | AWS-Targeting Cred Stealer Expands to Azure, GCP." As actors find more ways to profit from compromising services, SentinelLabs finds that cloud service credentials are becoming increasingly targeted.
The lack of threats explicitly targeting Azure and GCP credentials up to this point means there are likely many fresh targets. The research states "These campaigns share similarity with tools attributed to the notorious TeamTNT cryptojacking crew. However, attribution remains challenging with script-based tools, as anyone can adapt the code for their own use."
The research can be found here:
Learn more about your ad choices. Visit megaphone.fm/adchoices