CyberSecurityBoard
Sponsor Register Login

Amazon Shuts Down APT29 Watering Hole Attack

Amazon has successfully thwarted a sophisticated watering hole attack orchestrated by the notorious Russian state-sponsored hacking group APT29, also known as Cozy Bear. This cyberattack targeted specific websites frequented by government officials and diplomats to infiltrate their systems and steal sensitive information. The attack involved compromising legitimate websites to serve malicious code, aiming to exploit vulnerabilities in visitors' browsers and deploy malware. Amazon's proactive detection and rapid response prevented the attack from causing significant damage, highlighting the importance of vigilant cybersecurity measures in defending against advanced persistent threats. This incident underscores the ongoing cyber espionage activities by APT29 and the critical need for organizations to enhance their security posture against such targeted attacks. The collaboration between cybersecurity teams and cloud service providers like Amazon is vital in identifying and mitigating these threats promptly. As cyber threats continue to evolve, this case serves as a reminder for continuous monitoring, threat intelligence sharing, and robust defense strategies to protect sensitive data and maintain national security.

This Cyber News was published on therecord.media. Publication date: Wed, 03 Sep 2025 00:05:19 +0000


Cyber News related to Amazon Shuts Down APT29 Watering Hole Attack

Amazon Disrupts APT29 Watering Hole Campaign Targeting Security Researchers - Amazon has successfully disrupted a sophisticated watering hole campaign orchestrated by the notorious APT29 threat group, also known as Cozy Bear. This campaign targeted security researchers by compromising websites frequently visited by ...
3 days ago Thehackernews.com APT29 Cozy Bear
1000+ New Fake Domains Mimic Amazon Prime Day Registered to Hunt Online Shoppers - These attacks range from fake calls and phishing emails to malicious links and spoofed websites, all designed to trick shoppers into revealing sensitive account information or making fraudulent payments. During Amazon’s Big Spring Sale in March ...
1 month ago Cybersecuritynews.com
Amazon Shuts Down APT29 Watering Hole Attack - Amazon has successfully thwarted a sophisticated watering hole attack orchestrated by the notorious Russian state-sponsored hacking group APT29, also known as Cozy Bear. This cyberattack targeted specific websites frequented by government officials ...
7 hours ago Therecord.media APT29 Cozy Bear
Amazon warns of Russian APT29 watering hole campaign targeting cloud users - Amazon has issued a warning about a sophisticated watering hole attack campaign orchestrated by the Russian threat group APT29, also known as Cozy Bear. This campaign specifically targets cloud service users by compromising legitimate websites ...
1 day ago Infosecurity-magazine.com APT29 Cozy Bear
Cisco Foundation Grantees prioritize Indigenous leadership to protect the Amazon Basin - This is the first of our three-part series on Cisco Foundation grantees working in the Amazon and South America region. This series will introduce you to eight Cisco Foundation Climate Impact & Regeneration grantees working to support preservation ...
1 year ago Feedpress.me
Master the Art of Data Security - As we step further into the digital age, the importance of data security becomes increasingly apparent. As with all data storage services, it's crucial to ensure that the data stored on Amazon S3 is secure, particularly when it's 'at rest'-that is, ...
1 year ago Feeds.dzone.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com
The Dark Side of Digital Reading: E-Books as Corporate Surveillance Tools - Americans are reading digital books at a rate of three out of ten. In a market where the majority of readers are subject to both Big Publishing's greed and those of Big Tech, it is no surprise that these readers are subject to both the greed of Big ...
1 year ago Cysecurity.news
ACM will no longer cross sign certificates with Starfield Class 2 starting August 2024 - AWS Certificate Manager is a managed service that you can use to provision, manage, and deploy public and private TLS certificates for use with Elastic Load Balancing, Amazon CloudFront, Amazon API Gateway, and other integrated AWS services. Starting ...
1 year ago Aws.amazon.com
Rundown of Security News from AWS re:Invent 2023 - Amazon Web Services has been unveiling a steady stream of announcements during its AWS re:Invent 2023 event in Las Vegas this week. The focus over the four days, as expected, is on AI as AWS strives to show that its offerings can match - or surpass - ...
1 year ago Darkreading.com
Amazon Prime Video Ads 5 February - Adverts will start appearing for UK users of Amazon Video Prime on 5 February 2024, unless extra fee is paid. Amazon has confirmed that adverts will begin appearing for UK customers of the Amazon Prime Video service in early 2024. In an email to UK ...
1 year ago Silicon.co.uk
TeamViewer says Russia's 'Cozy Bear' hackers attacked corporate IT system - Software company TeamViewer confirmed on Friday that a prolific Russian hacking group breached its corporate IT environment earlier in the week. In an updated statement, the company attributed a recently announced incident to APT29, also known as ...
1 year ago Therecord.media Cozy Bear APT29
TeamViewer says Russia's 'Cozy Bear' hackers attacked corporate IT system - Software company TeamViewer confirmed on Friday that a prolific Russian hacking group breached its corporate IT environment earlier in the week. In an updated statement, the company attributed a recently announced incident to APT29, also known as ...
1 year ago Therecord.media Cozy Bear APT29
Amazon sues REKK fraud gang that stole millions in illicit refunds - Amazon's Customer Protection and Enforcement team has taken legal action against an underground store refund scheme that has resulted in the theft of millions of dollars worth of products from Amazon's online platforms. This lawsuit targets 20 ...
1 year ago Bleepingcomputer.com
Amazon disrupts Russian APT29 hackers targeting Microsoft 365 - Amazon has successfully disrupted the operations of the Russian cyber espionage group APT29, also known as Cozy Bear, which has been targeting Microsoft 365 users. This group is notorious for its sophisticated cyber attacks aimed at stealing ...
1 day ago Bleepingcomputer.com APT29 Cozy Bear
Amazon Dismantles Russian APT29 Infrastructure - Amazon has successfully dismantled the infrastructure of the Russian cyber espionage group APT29, also known as Cozy Bear. This operation marks a significant step in combating state-sponsored cyber threats targeting global organizations. APT29 has ...
1 day ago Cybersecuritynews.com APT29 Cozy Bear
Russian hackers use Ngrok feature and WinRAR exploit to attack embassies - After Sandworm and APT28, another state-sponsored Russian hacker group, APT29, is leveraging the CVE-2023-38831 vulnerability in WinRAR for cyberattacks. APT29 is tracked under different names and has been targeting embassy entities with a BMW car ...
1 year ago Bleepingcomputer.com CVE-2023-38831 APT28 APT29
How to perform a proof of concept for automated discovery using Amazon Macie | AWS Security Blog - After reviewing the managed data identifiers provided by Macie and creating the custom data identifiers needed for your POC, it’s time to stage data sets that will help demonstrate the capabilities of these identifiers and better understand how ...
11 months ago Aws.amazon.com
UK, ROK sound alarm over North Korean supply chain attacks The Register - The national cybersecurity organizations of the UK and the Republic of Korea have issued a joint advisory warning of an increased volume and sophistication of North Korean software supply chain attacks. "In an increasingly digital and interconnected ...
1 year ago Theregister.com Lazarus Group
CVE-2024-27080 - In the Linux kernel, the following vulnerability has been resolved: ...
1 year ago
Amazon Warns of APT29 Credential Theft Campaign Targeting Cloud Users - Amazon has issued a warning about a credential theft campaign orchestrated by the advanced persistent threat group APT29, also known as Cozy Bear. This campaign specifically targets cloud users, aiming to steal credentials and gain unauthorized ...
11 hours ago Darkreading.com APT29 Cozy Bear
A Handbook for Managing Containers on Amazon Web Services - Container management is a way to help you create, govern, and maintain your containers. There are tools and services available that can automate the creation, deployment, maintenance, scaling, and monitoring of application or system containers. In ...
2 years ago Trendmicro.com
TeamViewer: Hackers copied employee directory data and encrypted passwords - Software company TeamViewer says that a compromised employee account is what enabled hackers to breach its internal corporate IT environment and steal encrypted passwords in an incident attributed to the Russian government. In an update on Sunday ...
1 year ago Therecord.media APT29
China State-Sponsored Spies Hack Site and Target User Systems in Asia - Users of a Tibetan language translation app and website visitors to a Buddhist festival were compromised by a focused watering-hole malware connected to a Chinese threat group. According to recent data from ESET, the so-called Evasive Panda hacking ...
1 year ago Cysecurity.news GALLIUM
Attack Vector vs Attack Surface: The Subtle Difference - Cybersecurity discussions about "Attack vectors" and "Attack surfaces" sometimes use these two terms interchangeably. This article guides you through the distinctions between attack vectors and attack surfaces to help you better understand the two ...
2 years ago Trendmicro.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)