AWS Phishing Exploits
Threat actors are exploiting AWS misconfigurations to launch phishing campaigns using Amazon Simple Email Service (SES) and WorkMail. Identified as TGR-UNK-0011 (JavaGhost), this group initially focused on website defacement but pivoted to phishing for financial gain in 2022. Rather than exploiting AWS vulnerabilities, the attackers leverage exposed IAM access keys to infiltrate cloud environments, send […]
read more
