"Kodex Global said its website, portal, API, and some email services were rendered unavailable on October 1 between 08:54-12:47 EDT. AWS is the domain registrar for Kodex Global. While Kodex didn't explicitly name AWS in its public update on the outage, cyber sleuths identified that attackers attempted to transfer the domain to a different registrar. "While threat actors claimed responsibility for the disruption, ownership was never transferred; it was the registrar who improperly froze our domain as a result of the fraudulent legal order," the company claimed."
"No credentials were compromised, no customer data was accessed, and Kodex itself was never breached. At no point did the threat actors have access to, or compromise the confidentiality of, customer data or internal systems." A spokesperson at AWS told The Register: "We quickly resolved the matter as soon as we were made aware of the error and are taking steps to ensure that it doesn't happen again."
Kodex Global experienced a domain-related outage on October 1 when attackers used social engineering to persuade AWS to freeze its domain, rendering its website, portal, API, and some email services unavailable for several hours. Attackers attempted to transfer the domain to another registrar, but ownership did not transfer. Kodex reported no credential compromise, no customer data access, and no breach of internal systems. AWS acknowledged an error, said it quickly resolved the matter, and announced steps to prevent recurrence. If attackers had succeeded, email interception, access to MFA reset paths, or account takeover were possible. Kodex serves over 15,000 agencies and major tech companies.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]