Cyber Security

Attackers use AiTM phishing kit, typosquatted domains to hijack AWS accounts

Attackers use AiTM phishing kit, typosquatted domains to hijack AWS accounts

Phishers are targeting AWS accounts holders with fake email security alerts and redirecting them to a high-fidelity clone of the AWS Management Console sign-in page, Datadog researchers have warned. The cloned AWS phishing page (Source: Datadog Security Labs) The campaign has been running since the end of February and possibly earlier. “In one observed case, the operator authenticated to a compromised AWS account within 20 minutes of credential submission,” the researchers noted. Fake AWS security … More

The post Attackers use AiTM phishing kit, typosquatted domains to hijack AWS accounts appeared first on Help Net Security.

Read More

Related Posts

KadNap Malware Infects 14,000+ Edge Devices to Power Stealth Proxy Botnet

KadNap Malware Infects 14,000+ Edge Devices to Power St...

Terra Portal adds human-governed AI to live production pentesting

Terra Portal adds human-governed AI to live production ...

This spy tool has been quietly stealing data for years

This spy tool has been quietly stealing data for years

Messenger can warn you about sketchy links without knowing what you clicked

Messenger can warn you about sketchy links without know...

The Zero-Day Scramble is Avoidable: A Guide to Attack Surface Reduction

The Zero-Day Scramble is Avoidable: A Guide to Attack S...

'BlackSanta' EDR Killer Targets HR Workflows

'BlackSanta' EDR Killer Targets HR Workflows