The attack exploited overly permissive IAM permissions to abuse the victim’s Amazon SES and WorkMail services for sending phishing messages. JavaGhost gains an advantage by using other organizations' AWS environments, avoiding costs for created resources....