UNC6692 Combines Social Engineering, Malware, Cloud Abuse

📅 27 April 2026 at 20:30 UTC📰 Dark ReadingView original source ↗

A newly discovered threat actor is using Microsoft Teams, AWS S3 buckets, and custom "Snow" malware in a multipronged campaign.

🤖 AI BriefingAuto-generated threat analysis

🔍Threat Overview

A newly discovered threat actor is using Microsoft Teams, AWS S3 buckets, and custom 'Snow' malware in a multipronged campaign combining social engineering and malware delivery mechanisms.

⚙️Technical Details

Affected Systems

Microsoft TeamsAWS S3 buckets

Attack Vectors

Social engineeringMalware delivery via AWS S3 buckets

💥Impact Assessment

Severity: critical

Who Is at Risk

Organizations using Microsoft Teams and storing data in AWS S3 buckets

🛡️Recommended Actions

1Implement strict access controls for Microsoft Teams and AWS S3 buckets

2Monitor for suspicious activity on Microsoft Teams and AWS S3 buckets

3Educate users on social engineering tactics to prevent phishing attacks

📦Affected Products

Microsoft TeamsAWS S3 buckets

Read the full article

This is a curated summary. The complete article is available at Dark Reading.

Read on Dark Reading ↗

← Back to feed