Cloud
Misconfigured cloud / server access
Exposed storage, weak permissions, open admin panels.
What it is
S3 buckets set to public, Postgres listening on 0.0.0.0, /admin panels reachable from the internet without auth.
How attackers exploit it
Mass scanners find these in minutes. The .env file you accidentally deployed has your DB password in it.
How to protect against it
- Block sensitive paths at the web server (/.env, /.git, /backup*).
- Default-deny on cloud storage buckets; use signed URLs.
- Put admin panels behind VPN / SSO / IP allowlist.
- Rotate any key that has been in a client bundle or git history.