This conference talk from RSA Conference explores a major extortion campaign targeting cloud environments through exposed environment variable files, which resulted in the compromise of over 90,000 credentials across 1,100+ cloud accounts. Join Nathaniel Quist, Principal Researcher at Palo Alto Networks' Unit 42, for a 45-minute deep dive into the investigation and takedown efforts of this sophisticated attack. Learn critical defensive strategies including posture management and runtime security measures that can help protect your organization. Gain valuable insights into effective cloud monitoring, detection techniques, and security best practices to prevent similar attacks in your environment.