Misconfigured cloud services leveraged for malware deployment

March 6, 2025



Hackread reports that misconfigurations in cloud services, including the “any/any” configuration permitted by more than 40% of networks, have been increasingly exploited by threat actors to distribute malicious payloads. Amazon Web Services S3 storage has been leveraged for the deployment of both the XWorm and Remcos remote access trojans, according to a Veriti Research study.

Malware operators have also abused cloud providers for command-and-control, with AWS tapped by the Havoc malware and NetSupportManager RAT; Microsoft Azure used by the HookBot and Mythic payloads; Google Cloud utilized by Caldera and Unam Miner; and Alibaba Cloud abused by Pupy RAT and Brute Ratel. Veriti researchers also noted advanced persistent threat groups' mounting use of Sliver C2 for more covert intrusions.

Such findings “emphasize the critical need for organizations to rethink cloud security strategies. The increasing abuse of cloud services for malware hosting, C2 operations, and exploitation calls for a proactive, security-first approach,” said Veriti researchers.
