#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
AWS EKS Security Best Practices

Hybrid Cloud | Breaking Cybersecurity News | The Hacker News

Category — Hybrid Cloud
Storm-0501 Exploits Entra ID to Exfiltrate and Delete Azure Data in Hybrid Cloud Attacks

Storm-0501 Exploits Entra ID to Exfiltrate and Delete Azure Data in Hybrid Cloud Attacks

Aug 27, 2025 Ransomware / Cloud Security
The financially motivated threat actor known as Storm-0501 has been observed refining its tactics to conduct data exfiltration and extortion attacks targeting cloud environments. "Unlike traditional on-premises ransomware, where the threat actor typically deploys malware to encrypt critical files across endpoints within the compromised network and then negotiates for a decryption key, cloud-based ransomware introduces a fundamental shift," the Microsoft Threat Intelligence team said in a report shared with The Hacker News. "Leveraging cloud-native capabilities, Storm-0501 rapidly exfiltrates large volumes of data, destroys data and backups within the victim environment, and demands ransom -- all without relying on traditional malware deployment." Storm-0501 was first documented by Microsoft almost a year ago, detailing its hybrid cloud ransomware attacks targeting government, manufacturing, transportation, and law enforcement sectors in the U.S., with the thr...
Microsoft Identifies Storm-0501 as Major Threat in Hybrid Cloud Ransomware Attacks

Microsoft Identifies Storm-0501 as Major Threat in Hybrid Cloud Ransomware Attacks

Sep 27, 2024 Ransomware / Cloud Security
The threat actor known as Storm-0501 has targeted government, manufacturing, transportation, and law enforcement sectors in the U.S. to stage ransomware attacks. The multi-stage attack campaign is designed to compromise hybrid cloud environments and perform lateral movement from on-premises to cloud environment, ultimately resulting in data exfiltration, credential theft, tampering, persistent backdoor access, and ransomware deployment, Microsoft said. "Storm-0501 is a financially motivated cybercriminal group that uses commodity and open-source tools to conduct ransomware operations," according to the tech giant's threat intelligence team. Active since 2021, the threat actor has a history of targeting education entities with Sabbath (54bb47h) ransomware before evolving into a ransomware-as-a-service ( RaaS ) affiliate delivering various ransomware payloads over the years, including Hive, BlackCat (ALPHV), Hunters International, LockBit, and Embargo ransomware. A n...
Cost of a Data Breach Report 2023: Insights, Mitigators and Best Practices

Cost of a Data Breach Report 2023: Insights, Mitigators and Best Practices

Dec 21, 2023 DevSecOps / Data Security
John Hanley of IBM Security shares 4 key findings from the highly acclaimed annual Cost of a Data Breach Report 2023 What is the IBM Cost of a Data Breach Report? The IBM Cost of a Data Breach Report is an annual report that provides organizations with quantifiable information about the financial impacts of breaches. With this data, they can make data driven decisions about how they implement security in their organization. The report is conducted by the Ponemon Institute and sponsored, analyzed, and published by IBM Security. In 2023, the 18th year the report was published, the report analyzed 553 breaches across 16 countries and 17 industries. According to Etay Maor, Senior Director of Security Strategy at  Cato Networks , "We tend to talk a lot about security issues and solutions. This report puts a number behind threats and solutions and provides a lot of information to support claims of how a threat actor, a solution or a process impacts you financially." Key Finding #1:...
cyber security

The MCP Security Guide for Early Adopters

websiteWizArticles Intelligence / MCP Security
Thousands of MCP servers are already live, but most security teams don't have a clear strategy yet. Get the practical guide to MCP for security teams.
cyber security

Make Identity Compromise Impossible with the Last Credential You'll Ever Need

websiteBeyond IdentityIdentity Security / Enterprise Protection
Attackers exploit IAM gaps. Learn how Beyond Identity stops phishing, hijacking, and MFA fatigue.
Expert Insights Articles Videos
Cybersecurity Resources
//]]>