Type
Actors
Pub. date
November 1, 2021
Initial access
Impact
Data exfiltration
References
https://www.bleepingcomputer.com/news/security/kasperskys-stolen-amazon-ses-token-used-in-office-365-phishing/
Status
Not started
Last edited
Mar 6, 2025 3:24 PM
An access token, with permissions to SES, was stolen from a Kaspersky third party contractor. The compromised token was used by threat actors behind a spear-phishing campaign targeting Office 365 users.