Gather Round the Watering Hole, We have a story to tell
Watering hole phishing attack targeted at users of AWS Management Console via Google ads!
What do attackers do with exposed AWS access keys? We look inside AWS SES to give deeper insights into the service, why & how its targeted and how to detect it.
Cloud Cred Harvesting Campaign - Grinch Edition
The Grinch targets Jupyter this Christmas with a cloud cred harvesting campaign.
AWS Enhancements to UpdateLoginProfile and CreateLoginProfile logging
Logging by cloud providers and identity providers sometimes does not contain the level of detail needed for detections. We found a case in AWS when a login profile is created or updated without the reset password flag set to true.
Password spray enters the Okta-gon
Identity Providers (IDPs), like Okta have always been a juicy target for threat actors of all skill levels. Permiso identified a large Okta password spraying campaign that took place in late August.