Once targeting just Microsoft 365, the phishing-as-a-service platform now aims at AWS, Okta, and Russian platforms, while relying on device code phishing.
The continuous evolution of phishing attack surfaces and methods reflects attackers' adaptation to widespread cloud and identity platform adoption.
The expansion of the Kali365 phishing kit to target major platforms like AWS and Okta indicates a growing sophistication and broader threat to critical digital infrastructure and identity management.
The threat landscape for cloud services and identity providers is becoming more complex, requiring enhanced security measures beyond simple email protection.
- · Cybersecurity companies (identity protection)
- · Cloud security providers
- · Phishing kit developers
- · AWS customers
- · Okta users
- · Organizations with weak MFA
Increased successful phishing attacks targeting cloud credentials and identity systems.
Heightened corporate investment in advanced threat detection, multi-factor authentication, and security awareness training.
Potential for supply chain attacks through compromised cloud accounts, leading to broader systemic risks.
This signal links to a primary source. Continuum Brief monitors and indexes it as part of the live intelligence stream — we do not republish source content.
Read at Dark Reading