In the past week, a group of hackers, dubbed the “Capsule Crew,” exploited the same weaknesses that were exploited by the “Amazon Exploitations Team” (AET) in November.
The exploits they used to do so were widely publicized in the hacker community and exploited multiple vulnerabilities on a variety of popular devices, including a MacBook Pro.
In addition to exploiting the vulnerabilities on popular products, the exploits also exploited an old vulnerability in Amazon Web Services (AWS) which allows for remote code execution.
The attacks also used a vulnerability in the Java sandbox to execute arbitrary code, as described in a previous post.
The Amazon Exploit Team (Aet) has not yet publicly acknowledged the vulnerabilities, and it is unclear how long they have been under active attack.
However, the vulnerability was reported last week, suggesting that the group was still in active development.
The AET exploited two vulnerabilities on the “amazon” website, which allowed the attacker to bypass Amazon’s security measures and obtain access to the account.
In both instances, the exploit attempts were successful.
The first exploit attempted to perform a man-in-the-middle attack, by exploiting a vulnerability known as “insecure_connect_check” in the AWS REST API.
The second exploit attempted a more sophisticated version of the same vulnerability, allowing the attacker a more detailed and efficient method of exploiting the flaw.
The exploit attempts appear to be connected to a similar attack against the “Google Chrome” website in December.
The attackers were able to take over the website by using the same methods they used against the Amazon Explorations Team website.
The results of these attacks have not yet been released, but the attackers are believed to have compromised a number of sites on the internet, including YouTube, Twitter, Dropbox, LinkedIn, and Facebook.
The group also used the same technique to exploit “amazon.com” vulnerabilities, which allow for remote data corruption.
A large number of other vulnerable websites were also used in the attacks, which are known to be vulnerable to similar attacks.
The attack on YouTube and Google’s Chrome website were carried out in December, and both were used by the group.
The “Capping” attack was launched in February and targeted several popular websites, including Netflix, Spotify, eBay, and Amazon.com.
The Exploiting of Amazon’s REST API exploit exploits the same vulnerabilities that were used in November’s attack on Amazon.
The researchers behind the exploit also used this exploit to gain control of a website that was used to sell Amazon Echo devices, as well as the “Fire TV Stick” and “FireTV Stick Pro” televisions, which were both released in March.
The remote code is not specific to these devices, but they are all widely used in IoT devices, which means they can be easily exploited for remote file or memory corruption.
The vulnerability was disclosed on February 13, with the group releasing a patch on May 10.
The attack exploits two of the two weaknesses in the Amazon REST API that were reported last year.
The third exploit also uses a cross-site request forgery vulnerability.
Both of these exploits were reported to Amazon earlier this month, and the group said it is working to identify more of the vulnerable websites and take them offline.
While it’s unclear if the attack will be successful, the group says they are continuing to work to improve their attacks.
We are currently working on mitigating the vulnerability.
We have an ongoing team focused on mitigating these issues and are committed to continuing to improve.
We will update you as soon as we can.