Threat Post

Leaky Access Tokens Exposed Amazon Photos of Users

Hackers with Amazon users’ authentication tokens could’ve stolen or encrypted personal photos and documents. The Amazon Photos app for Android insufficiently protected user access tokens, according to ...
Bleeping Computer

Kaspersky's stolen Amazon SES token used in Office 365 phishing

Kaspersky said today that a legitimate Amazon Simple Email Service (SES) token issued to a third-party contractor was recently used by threat actors behind a spear-phishing campaign targeting Office ...
Threat Post

Office 365 Phishing Campaign Abuses Stolen Amazon SES Token

Stolen access token leveraged in phishing campaign that spoofs brand name email addresses. A surge in spearphishing emails designed to steal Office 365 credentials include some that were rigged to ...