Dark Reading

UNC6692 Combines Social Engineering, Malware, Cloud Abuse

A new threat actor is combining social engineering techniques, abuse of legitimate cloud infrastructure, and custom malware together to create what appears to be novel attack chain. Google Threat ...
The Hacker News

UNC6692 Impersonates IT Help Desk via Microsoft Teams to Deploy SNOW Malware

A previously undocumented threat activity cluster known as UNC6692 has been observed leveraging social engineering tactics via Microsoft Teams to deploy a custom malware suite on compromised hosts.
The Hacker News

N. Korean Hackers Used Job Lures, Cloud Account Access, and Malware to Steal Millions in Crypto

The North Korea-linked threat actor known as UNC4899 has been attributed to attacks targeting two different organizations by approaching their employees via LinkedIn and Telegram. "Under the guise of ...
GitHub

python binding for using s5cmd to download and upload files to s3 efficiently

The S5CmdRunner class provides a Python interface for interacting with s5cmd, a command-line tool designed for efficient data transfer to and from Amazon S3. For more information about s5cmd, please ...
GitHub

Lab 2 (Python) - Develop Solutions Using Amazon S3 2 HOURS

In this lab, students will develop a portion of the application using Amazon S3 to store files and configure a static website. sed -i "s/\[BUCKET\]/$mybucket/g ...
Dark Reading

Microsoft Azure Data Leak Exposes Dangers of File-Sharing Links

An overly permissive file-sharing link allowed public access to a massive 38TB storage bucket containing private Microsoft data, leaving a variety of development secrets — including passwords, Teams ...
Bleeping Computer

New open-source tool scans public AWS S3 buckets for secrets

A new open-source 'S3crets Scanner' scanner allows researchers and red-teamers to search for 'secrets' mistakenly stored in publicly exposed or company's Amazon AWS S3 storage buckets. Amazon S3 ...