CyberSecurityBoard
Sponsor Register Login

Murky Panda hackers exploit cloud trust to hack downstream customers

Murky Panda, a sophisticated hacker group, has been exploiting the inherent trust in cloud service providers to infiltrate downstream customers. This attack vector leverages the trusted relationships between cloud vendors and their clients, allowing the threat actors to bypass traditional security measures and gain unauthorized access to sensitive data and systems. The group targets cloud environments by compromising service providers or leveraging vulnerabilities within cloud infrastructure, enabling them to move laterally and escalate privileges within the victim's network. This method poses significant risks as it undermines the security assumptions many organizations have regarding their cloud providers. To mitigate such threats, companies must enhance their cloud security posture by implementing strict access controls, continuous monitoring, and thorough vetting of third-party cloud services. Additionally, adopting zero-trust principles and ensuring robust incident response plans are critical in defending against these sophisticated supply chain attacks. This article delves into the tactics, techniques, and procedures (TTPs) employed by Murky Panda, highlighting the importance of vigilance and proactive defense strategies in the evolving cloud security landscape.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Fri, 22 Aug 2025 22:00:19 +0000


Cyber News related to Murky Panda hackers exploit cloud trust to hack downstream customers

Multi-Cloud vs. Hybrid Cloud: The Main Difference - The proliferation of cloud technologies is particularly confusing to businesses new to cloud adoption, and they're sometimes baffled by the distinction between multi-cloud and hybrid cloud. Although the public cloud infrastructure and public cloud ...
1 year ago Techtarget.com
25 Best Cloud Service Providers (Public and Private) in 2025 - Oracle Cloud offers a variety of services, including infrastructure as a service (IaaS), platform as a service (PaaS), and software as a service (SaaS), to help organizations build, deploy, and run applications in the cloud. Oracle Cloud is a cloud ...
3 months ago Cybersecuritynews.com
What is a Cloud Architect and How Do You Become One? - A cloud architect is an IT professional who is responsible for overseeing a company's cloud computing strategy. This includes cloud adoption plans, cloud application design, and cloud management and monitoring. Cloud architects oversee application ...
1 year ago Techtarget.com
Murky Panda hackers exploit cloud trust to hack downstream customers - Murky Panda, a sophisticated hacker group, has been exploiting the inherent trust in cloud service providers to infiltrate downstream customers. This attack vector leverages the trusted relationships between cloud vendors and their clients, allowing ...
3 days ago Bleepingcomputer.com Murky Panda
2023 Cloud Security Report - Security concerns remain a critical barrier to cloud adoption, showing little signs of improvement in the perception of cloud security professionals. Cloud adoption is further inhibited by a number of related challenges that prevent the faster and ...
1 year ago Cybersecurity-insiders.com
The 10 Best Cloud Security Certifications for IT Pros in 2024 - Many professionals seeking a career in cloud security turn to certifications to advance their learning and prove.... their knowledge to potential employers. The number of cloud security certifications has increased in recent years making it difficult ...
1 year ago Techtarget.com
Cloud Security: Stats and Strategies - An interesting aspect in O'Reilly's latest Cloud Adoption report based on a global survey conducted is that 90% of the responders are using the cloud to support their business. One of the key takeaways from the State of the Cloud report from Flexera ...
1 year ago Feeds.dzone.com
The Invisible Storm: Why Cloud Malware Is Your Business's New WeatherEmergency - Protecting your business from cloud malware requires a fundamental shift in security thinking, as traditional defenses simply weren’t designed for these sophisticated airborne threats. Recent research by Cloud Storage Security identified ...
3 months ago Cybersecuritynews.com
Zero-Trust Architecture in Modern Cybersecurity - Clearly, organizations need more robust cybersecurity protections in place, which is leading many to adopt a zero-trust architecture approach. Zero-trust flips conventional security on its head by shifting from an implicit trust model to one where ...
1 year ago Feeds.dzone.com
6 Best Cloud Security Companies & Vendors in 2024 - Cloud security companies specialize in protecting cloud-based assets, data, and applications against cyberattacks. To help you choose, we've analyzed a range of cybersecurity companies offering cloud security products and threat protection services. ...
1 year ago Esecurityplanet.com
7 Considerations for Multi-Cluster Kubernetes - A hybrid cloud is a cloud computing environment that combines public and private clouds, allowing organizations to utilize the benefits of both. In a hybrid cloud, an organization can store and process critical data and applications in its private ...
1 year ago Feeds.dzone.com
Top Cloud Security Issues: Threats, Risks, Challenges & Solutions - Cloud security issues refer to the threats, risks, and challenges in the cloud environment. To combat these cloud security issues, develop a robust cloud security strategy that addresses all three to provide comprehensive protection. Cloud security ...
1 year ago Esecurityplanet.com
What Is Cloud Security Management? Types & Strategies - Cloud security management is the process of safeguarding cloud data and operations from attacks and vulnerabilities through a set of cloud strategies, tools, and practices. The cloud security manager and the IT team are generally responsible for ...
1 year ago Esecurityplanet.com
Zero Trust 2025 - Emerging Trends Every Security Leader Needs to Know - Forward-thinking organizations are embedding Zero Trust principles into broader business strategies rather than treating them as isolated security initiatives. Security leaders must champion this integrated approach to Zero Trust implementation to ...
4 months ago Cybersecuritynews.com
Zero Trust Security Framework: Implementing Trust in Business - The Zero Trust security framework is an effective approach to enhancing security by challenging traditional notions of trust. Zero Trust Security represents a significant shift in the cybersecurity approach, challenging the conventional concept of ...
1 year ago Securityzap.com
10 Best ZTNA Solutions (Zero Trust Network Access) in 2025 - Google BeyondCorp Enterprise delivers Zero Trust security through a cloud-native platform, enabling secure access to applications without VPNs. Check Point ZTNA is a leading Zero Trust solution designed for organizations seeking comprehensive, ...
1 month ago Cybersecuritynews.com
CrowdStrike Enhances Cloud Asset Visualization to Accelerate Risk Prioritization - The massive increase in cloud adoption has driven adversaries to focus their efforts on cloud environments - a shift that led to cloud intrusions increasing by 75% in 2023, emphasizing the need for stronger cloud security. As organizations increase ...
1 year ago Crowdstrike.com
3 benefits of going cloud native - Since the start of Microsoft Intune in 2010, we have been working on and iterating toward simplified Windows management, in part by moving infrastructure from on-premises to the cloud. As the capabilities of our customers and Intune grew, a pure ...
1 year ago Microsoft.com
What is cloud load balancing? - Cloud load balancing is the process of distributing workloads across computing resources in a cloud computing environment and carefully balancing the network traffic accessing those resources. Cloud load balancing helps enterprises achieve ...
1 year ago Techtarget.com
What Is Cloud Workload Security? Ultimate Guide - Cloud workload security, or cloud workload protection, refers to the tools and policies used to protect apps, services, and resources that run on cloud infrastructure. Your organization can manage cloud workload security through coordination across ...
1 year ago Esecurityplanet.com
10 Best IT Asset Management Tools - 2025 - What is Good?What Could Be Better?Atera can seamlessly service and monitor Linux, Mac, and Windows systems.Sometimes, when deploying an update, patch management will fail.Using an administrator terminal, keep an eye on IT asset activity remotely.The ...
4 months ago Cybersecuritynews.com
Falcon Cloud Security Supports Google Cloud Run to Strengthen Serverless Application Security - We're thrilled to share that the CrowdStrike Falcon® sensor now fully supports Google Cloud Run, bringing advanced security capabilities to your serverless applications. While we announced this at Google Cloud Next in April 2024, this blog goes ...
1 year ago Crowdstrike.com
4 types of cloud security tools organizations need in 2024 - By now, organizations know which on-premises security tools they need, but when it comes to securing the cloud, they don't always understand which cloud security tools to implement. While many traditional on-premises tools and controls work in the ...
1 year ago Techtarget.com
AI Is Changing the Way Enterprises Look at Trust: Deloitte & SAP Weigh In - Whether you are creating or customizing an AI policy or reassessing how your company approaches trust, keeping customers' confidence can be increasingly difficult with generative AI's unpredictability in the picture. We spoke to Deloitte's Michael ...
1 year ago Techrepublic.com
Cloud-ready and Channel-first - For over 30 years, we've worked hand in hand with the channel to make the digital world a safer place. So we're delighted to receive more recognition of the value we're adding for partners and customers with the release of the latest CRN Cloud 100 ...
2 years ago Trendmicro.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)