Tag Amazon

Amazon Disrupts APT29’s Watering Hole Campaign Utilizing Microsoft Device Code Authentication

On August 29, 2025, in a significant security intervention, Amazon revealed it had identified and dismantled a watering hole campaign orchestrated by the Russia-linked APT29 group. This campaign exploited compromised websites to direct users towards malicious infrastructure, tricking them into authorizing attacker-controlled devices via Microsoft’s device code authentication process. Amazon’s Chief Information Security Officer, CJ Moses, provided insights into the threat. APT29, also known by aliases such as BlueBravo, Cozy Bear, and Midnight Blizzard, is a state-sponsored hacking group linked to Russia’s Foreign Intelligence Service (SVR). Recently, the group has been associated with attacks employing malicious Remote Desktop Protocol (RDP) configurations to target Ukrainian entities and extract sensitive information. As the year progresses, the adversary’s extensive targeting strategies continue to raise concerns.

Amazon Disrupts APT29 Watering Hole Campaign Exploiting Microsoft Device Code Authentication

On August 29, 2025, Amazon disclosed its successful intervention in a watering hole campaign linked to the Russian cyber-espionage group APT29. This operation was characterized as opportunistic, aiming to gather intelligence by misleading users through compromised websites. These malicious…

⚡ Weekly Update: USB Malware, React2Shell, WhatsApp Worms, AI IDE Vulnerabilities & More

A tumultuous week has unfolded in the realm of cybersecurity, marked by significant vulnerabilities and subsequent exploits. A critical bug has put one of the internet’s preferred frameworks at risk, as cybercriminals seize upon artificial intelligence tools to enhance their capabilities, fake applications are siphoning away funds, and unprecedented levels…

Chinese Hackers Breach U.S. Trade Group Before Trump-Xi Trade Summit

Researchers have identified a Chinese cyber-espionage campaign targeting the United States ahead of the upcoming trade summit between President Donald Trump and President Xi Jinping. The findings, detailed in a report released by Fidelis Cybersecurity, reveal that the Chinese APT10 hacking group infiltrated the “Events” page of the U.S. National…

18-Year-Old UK Teen Charged for Operating DDoS-for-Hire Service

Teenager Charged in Connection with DDoS Attacks on Major Corporations

An 18-year-old student from Stockport, England, has been charged with aiding cybercriminals by operating a Distributed Denial of Service (DDoS) for-hire service. This illegal operation allegedly facilitated attacks on the online platforms of various high-profile entities, including T-Mobile, Amazon, and…

Serious Attacks May Have Been Orchestrated via Vulnerability in Amazon ECR Public Gallery

A serious vulnerability has been uncovered in the Amazon Elastic Container Registry (ECR) Public Gallery, which could have been leveraged for various attacks, as reported by the cybersecurity firm Lightspin. The flaw poses critical risks, enabling malicious actors to delete images stored in the gallery or replace them with versions…

AI-Enhanced Hacker Compromises 600 Fortinet Firewalls in Just 5 Weeks

This article has been updated to include additional technical insights into the hacking campaign. Amazon’s latest security advisory indicates that a Russian-speaking hacker orchestrated a sophisticated cyber campaign utilizing generative AI services, successfully breaching over 600 FortiGate firewalls across 55 nations within a short span of five weeks. This alarming…

$10K Reward for Hacking Ring Cameras to Prevent Data Sharing with Amazon

Concerns Rise Over Amazon Ring’s New Search Party Feature Following Super Bowl Ad

A recent advertisement by Amazon-owned security camera company Ring has sparked widespread criticism and concern, particularly around user privacy and surveillance practices. The Super Bowl ad introduced a feature called Search Party, designed to leverage a network…

More than 15,000 Memcached DDoS Attacks Target 7,100 Websites in Just 10 Days

Recent Surge in Memcached-Based DDoS Attacks Targets Major Online Services

A new report indicates a dramatic rise in cyber attacks leveraging Memcached reflections, sparking concern across the cybersecurity community. In just ten days, nearly 15,000 attacks have targeted 7,131 unique online entities, marking one of the largest spikes in DDoS…
