Unit 42 researchers have observed a threat actor group known as JavaGhost exploiting misconfigurations in Amazon Web Services (AWS) environments to conduct sophisticated phishing campaigns. Active for over five years, JavaGhost has pivoted from website defacement to leveraging compromised cloud infrastructure for financial gain. The group’s attacks stem from exposed long-term AWS access keys, which […] The post JavaGhost: Exploiting Amazon IAM Permissions for Phishing Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/javaghost-exploiting-amazon-iam-permissions/
