Seeing Beneath the Surface: What Crimson Collective Reveals About Cloud Detection Depth by Lucie Cardiet

The report discusses Crimson Collective, a cloud-focused threat actor that leverages leaked or long-lived credentials and legitimate cloud APIs to perform stealthy reconnaissance, privilege escalation, and data staging across AWS and hybrid environments; it emphasizes that attackers exploit publicly available defensive datasets and promotes behavioral, identity-aware detection (Vectra AI) as a defense.