In this video for Help Net Security, Zur Ulianitzky, Head of Research at XM Cyber, talks about the top attack techniques used by threat actors to compromise critical assets in enterprise and cloud environments.
Based on a research of attack techniques exploiting vulnerabilities, misconfigurations and mismanaged or stolen credentials to compromise critical assets, the most impactful technique turned out to be the used of compromised domain credentials, which allow the attacker to spread throughout the enterprise environments.
They also found that shared folder permissions that are not managed properly and are poorly configured allow attackers to infect files that are being executed from those shared folders, which again enables them to move laterally within the network environment.
Finally, they noted that identities in cloud environments are given powerful permissions, which allow attackers to gain access to critical resources within the cloud environment or, with the ability to escalate privileges within the cloud environment, to ultimately target critical assets and put the business at risk.
Source: https://www.helpnetsecurity.com/2022/04/14/compromise-cloud-video/