Kaspersky's Amazon SES token was stolen by unauthorized individuals


The attackers did not attempt to impersonate Kaspersky. Instead, they used an official Kaspersky email address to send spear-phishing emails disguised as outdated 'fax notifications' to potential victims, luring them to fake websites that collect credentials for Microsoft online services.

Amazon SES is a scalable email service from Amazon that lets developers send email from any application for a range of needs, including marketing and bulk email. Phishers have taken advantage of this to send emails from the Amazon Web Services endpoint, which easily bypasses most secure email gateways (SEGs) and reaches the target mailbox. By rotating sender addresses, they can send phishing emails at large scale.

Kaspersky issued a notice stating that the Amazon SES token was stolen during the testing period of the 2050.earth website, which is hosted on Amazon infrastructure. The SES token was revoked immediately after these phishing attacks were discovered. The 2050.earth website and related servers were not damaged, and no unauthorized database access or other malicious activity was found.

Kaspersky warns users to be cautious of similar spear-phishing emails, especially when asked to provide credentials and other sensitive information. Do not be complacent even if the sender is a familiar brand. Kaspersky disclosed noreply@sm.kaspersky.com as one sender address used in the phishing emails, and users can visit the Kaspersky blog for detailed information on identifying the sender from the email subject.
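
One way to triage a message matching the pattern described above, added here as an example and not taken from Kaspersky or the referenced article: it checks whether mail from a brand address was relayed through Amazon SES, carries a fax lure in the subject, and links to hosts outside the brand's domain. The sample message, the `triage` and `in_domains` helpers and the `brand_domains` parameter are constructed for illustration; only the sender address comes from the text.

```python
import email
import re
from email.utils import parseaddr

# Constructed sample, not a captured email; hosts, IDs and the link are illustrative.
SAMPLE = """\
Return-Path: <0100017c-constructed@amazonses.com>
Received: from a48-1.smtp-out.amazonses.com (a48-1.smtp-out.amazonses.com [192.0.2.10])
 by mx.example.org; Mon, 1 Nov 2021 10:00:00 +0000
From: Fax Service <noreply@sm.kaspersky.com>
To: user@example.org
Subject: New fax notification
Feedback-ID: 1.us-east-1.constructed:AmazonSES
Content-Type: text/plain

You have received a fax. View it at https://fax-viewer.example.net/login
"""

SES_RE = re.compile(r"amazonses\.com\b|:AmazonSES\b", re.I)
LURE_RE = re.compile(r"\bfax\b", re.I)
URL_HOST_RE = re.compile(r"https?://([^/\s>\"']+)", re.I)

def in_domains(host, domains):
    """True if host equals, or is a subdomain of, any listed domain."""
    return any(host == d or host.endswith("." + d) for d in domains)

def triage(raw, brand_domains=("kaspersky.com",)):
    """Flag mail whose sender is a known brand but whose lure and links are not."""
    msg = email.message_from_string(raw)
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    # Transport evidence: relay hops, envelope sender and the SES feedback header.
    transport = " ".join(msg.get_all("Received", [])
                         + [msg.get("Return-Path", ""), msg.get("Feedback-ID", "")])
    # Plain-text parts only; base64 or quoted-printable bodies are not decoded here.
    body = " ".join(p.get_payload() for p in msg.walk()
                    if p.get_content_maintype() == "text")
    hosts = {h.lower() for h in URL_HOST_RE.findall(body)}
    off_brand = sorted(h for h in hosts if not in_domains(h, brand_domains))
    lure = bool(LURE_RE.search(msg.get("Subject", "")))
    return {
        "from_domain": from_domain,
        "via_ses": bool(SES_RE.search(transport)),
        "lure_subject": lure,
        "off_brand_links": off_brand,
        # A genuine brand address does not vouch for the content or the links.
        "suspicious": in_domains(from_domain, brand_domains) and lure and bool(off_brand),
    }

if __name__ == "__main__":
    print(triage(SAMPLE))
```

Relay through SES alone is not treated as suspicious, since legitimate mail uses the same path; the verdict depends on the lure and the link destinations.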

Highly evasive spear-phishing campaigns against Office 365 have been frequent, resulting in the theft of a large amount of user data. As a stakeholder, Microsoft has been continuously issuing alerts to remind users to be vigilant.

Reference Source: https://www.bleepingcomputer.com/news/security/kasperskys-stolen-amazon-ses-token-used-in-office-365-phishing/
