Subscribe

Credentials fuels cloud security intrusions

Valid, compromised account credentials were the initial access vector for more than one in three cloud intrusions last year according to IBM Security X-Force, making it the most common point of entry across all cloud security incidents.

Credentials used as an initial access vector for cloud intrusions jumped from 9% in 2022 to 36% this year, IBM Security X-Force said in its cloud threat landscape report.

The report also found that over 35% of cloud security incidents occurred from attackers’ use of valid, compromised credentials. According to the report, credentials are the most popular asset for sale on dark web marketplaces, accounting for nearly 90% of listings.

The average price for stolen credentials is $10.68. Meanwhile, Microsoft Outlook Cloud credentials were the most popular access for sale on the dark web, representing more than 5 million mentions. Phishing attacks and the exploitation of public-facing applications tied for the second-most prevalent point of entry during the reporting period with each claiming about 14% of all cloud security incidents.

The report also highlights the growing risk of cloud-related vulnerabilities, with X-Force observing a nearly 200% increase in new cloud related CVEs from the prior year. Europe was the hardest-hit region in terms of cloud security incidents, with 64% of the incidents X-Force responded to involving European organizations.

The sources for this piece include an article in CIODIVE.

Top Stories

Toyota confirms leak of 240GB of sensitive data in recent hack

Former Google CEO Eric Schmidt makes controversial comments

Study finds 94% of spreadsheets have critical errrors

Study says 94% of spreadsheets contain critical errors

Elon Musk claims DDoS attack caused issues in live-streamed interview with Trump – experts are skeptical

Google anti-trust ruling a financial disaster for Firefox

Related Articles

Europe Seeks Alternatives to U.S. Cloud Providers Amid Sovereignty Concerns

March 26, 2025 European nations and companies are actively pursuing alternatives to U.S.-based cloud service providers, driven by concerns over data more...

Google Confirms Data Deletion Error in Drive and Photos

March 23, 2025 Google has admitted to a technical error that caused some users’ files to be accidentally and permanently deleted more...

AWS claims its competition is “repatriation” with customers returning to on-premises infrastructure

September 18, 2024 In a surprising turn of events, cloud giant Amazon Web Services (AWS) is now claiming that it faces more...

Global data breach crisis: Are Santander and Ticketmaster victims of massive cyberattacks linked to Snowflake compromise?

June 2, 2024 Santander Bank and Ticketmaster have fallen prey to extensive data breaches orchestrated by the notorious hacker group, ShinyHunters. more...

Jim Love

Jim Is and author and pud cast host with over 40 years in technology.

Share:
X/Twitter
Linkedin
Blue Sky
Tech News Day is a daily publication featuring key news stories about technology and how it affects businesses.

Follow Us

X-twitter Linkedin-in

Popular categories

Tech News Delivered

New, Relevant Tech Stories. Our selection is done by industry professionals – executives like you who pick the top stories for that day. Our writers summarize them to give you the key takeaways.
Subscribe
© 2025 TECHNEWSDAY. All rights reserved.