User credentials remain the Achilles heel of cloud apps: How you can prevent an attack

Grazed from CloudTech.  Author: Ofer Hendler.

High-profile security breaches have dominated the headlines in 2014. Two notable examples over the last few months, the Apple iCloud and Dropbox breaches, have revealed a juicy target for attackers: user credentials.

Rather than try to hack into the application itself like iCloud, Dropbox, Salesforce, or Amazon Web Services (AWS), an easier and much more feasible approach to gaining access to sensitive data, celebrity photos, or whatever else an attacker is after, is through stolen user credentials…


Both Apple and Dropbox were quick to point out that their own applications weren’t breached, but that the hackers had stolen user credentials from other cloud services and then used them to access Apple and Dropbox accounts. These incidents highlight the perils of cloud applications. By moving business-critical applications (like storage, CRM, HR, finance) to the cloud, IT administrators have ceded security controls to cloud service providers, throwing into question the security of data stored in the cloud…

Read more from the source @ http://www.cloudcomputing-news.net/news/2015/jan/02/user-credentials-remain-achilles-heel-cloud-apps-how-you-can-prevent-attack/