Identity-Related Weaknesses Drive Cloud Attack Surge

First reported

04.11.2025 15:00

Last updated

1 unique sources, 1 articles

Summary

Hide ▲

In Q3 2025, 44% of true-positive cloud attack alerts were traced to identity-related weaknesses. These include excessive permissions, misconfigured roles, and credential abuse. Cloud keys and credentials are often stored insecurely, leading to phishing or infostealer malware. Attackers exploit these vulnerabilities to escalate access and evade detection. Poor DevOps practices also contribute to the systematic redeployment of legacy vulnerabilities, exacerbating the issue. Organizations must address these identity and DevOps security gaps to mitigate cloud risks.

Timeline

04.11.2025 15:00 1 articles · 6d ago

Identity-Related Weaknesses Drive Cloud Attack Surge in Q3 2025
In Q3 2025, 44% of true-positive cloud attack alerts were traced to identity-related weaknesses. These include excessive permissions, misconfigured roles, and credential abuse. Attackers exploit insecurely stored cloud credentials to escalate access and evade detection. Poor DevOps practices contribute to the systematic redeployment of legacy vulnerabilities, exacerbating the issue.
Show sources

Identity Is Now the Top Source of Cloud Risk — www.infosecurity-magazine.com — 04.11.2025 15:00
Open in new tab

Information Snippets

44% of true-positive cloud attack alerts in Q3 2025 were due to identity-related weaknesses.
First reported: 04.11.2025 15:00

1 source, 1 article
Show sources
- Identity Is Now the Top Source of Cloud Risk — www.infosecurity-magazine.com — 04.11.2025 15:00
Identity-related weaknesses include excessive permissions, misconfigured roles, and credential abuse.
First reported: 04.11.2025 15:00

1 source, 1 article
Show sources
- Identity Is Now the Top Source of Cloud Risk — www.infosecurity-magazine.com — 04.11.2025 15:00
Cloud credentials are often stored insecurely, leading to phishing or infostealer malware.
First reported: 04.11.2025 15:00

1 source, 1 article
Show sources
- Identity Is Now the Top Source of Cloud Risk — www.infosecurity-magazine.com — 04.11.2025 15:00
Attackers can buy legitimate credentials on the dark web for as little as $2.
First reported: 04.11.2025 15:00

1 source, 1 article
Show sources
- Identity Is Now the Top Source of Cloud Risk — www.infosecurity-magazine.com — 04.11.2025 15:00
99% of cloud identities are over-privileged, allowing attackers to escalate access.
First reported: 04.11.2025 15:00

1 source, 1 article
Show sources
- Identity Is Now the Top Source of Cloud Risk — www.infosecurity-magazine.com — 04.11.2025 15:00
Poor DevOps practices lead to the systematic redeployment of legacy vulnerabilities.
First reported: 04.11.2025 15:00

1 source, 1 article
Show sources
- Identity Is Now the Top Source of Cloud Risk — www.infosecurity-magazine.com — 04.11.2025 15:00
71% of critical vulnerability alerts in Q3 2025 stemmed from four CVEs dating back to 2021.
First reported: 04.11.2025 15:00

1 source, 1 article
Show sources
- Identity Is Now the Top Source of Cloud Risk — www.infosecurity-magazine.com — 04.11.2025 15:00

Summary

Timeline

Identity-Related Weaknesses Drive Cloud Attack Surge in Q3 2025

Information Snippets