Amazon seizes domains used by Russian hackers to target Windows systems
Date:
Mon, 28 Oct 2024 14:31:00 +0000
Description:
Midnight Blizzard has been impersonating AWS in its recent phishing attacks.
FULL STORY ======================================================================
Amazon has seized a number of internet domains used by Russian hackers to launch phishing attacks.
In a blog post, CJ Moses, Chief Information Security Officer at Amazon, said a Russian state-sponsored threat actor known as Midnight Blizzard (AKA APT29) was spotted running a large-scale phishing attack against government
agencies, enterprises, and militaries.
The attacks were impersonating Amazon Web Services (AWS), the retail giant's cloud arm, with phishing emails written in the Ukrainian language.
Midnight Blizzard attacks
The goal of the campaign was not to target AWS, or to steal AWS credentials from the victims, Moses noted - instead, Midnight Blizzard was looking for Windows credentials to use through Microsoft Remote Desktop.
"Upon learning of this activity, we immediately initiated the process of seizing the domains APT29 was abusing which impersonated AWS in order to interrupt the operation," Moses added. "CERT-UA has issued an advisory with additional details on their work."
CERT-UA is the Computer Emergency Response Team of Ukraine, a specialized structural unit of the State Center for Cyber Defense of the State Service
for Special Communications and Information Protection of Ukraine.
You may remember Midnight Blizzard as the threat actor behind the famed Microsoft attack that forced the company to completely revamp its security policies.
In early 2024, Microsoft revealed it had been attacked by the group, which managed to gain access to corporate email accounts in the company's cybersecurity and legal departments.
The tech giant later confirmed that the breach was not confined, and that corporate accounts belonging to organizations outside of Microsoft were also affected.
Because of this, and a number of other incidents, the company was slammed by both the cybersecurity community and the US government, prompting the Secure Future Initiative - the company's promise of a complete security overhaul.
======================================================================
Link to news story:
https://www.techradar.com/pro/security/amazon-seizes-domains-used-by-russian-hackers-to-target-windows-systems
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)