Catalin Cimpanu reports:
A threat actor is hacking and extorting companies that have misconfigured their cloud server infrastructure.
The data extortion campaign has been taking place since earlier this year and involves a large-scale scan of the internet for companies that have exposed their environment variable files.
Also known as .ENV, these files act as a centralized location for storing configuration data by multiple software solutions.
Security firm Palo Alto Network says the attacker has been scanning the internet for ENV files, extracting login credentials, and accessing cloud servers.
Read more at RiskyBiz News.