Attackers can use a *.oraclecloud.com subdomain to host their phishing websites.
Command and Control
Attackers can use *.oraclecloud.com for C&C purposes.
Attackers can use Oracle Object Storage to upload exfiltrated files there.
Attackers can store malicious tools on Oracle Object Storage and download them when needed.
Last Update: 2021-11-21
Credits: Tas - @tas_kmanager