cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Caute_cautim
Community Champion

Threat Actors Can Leverage AWS STS to Infiltrate Cloud Accounts

Hi All

 

It appears that AWS Security Token Service (STS) has issues, so read this explanation and take action:

 

https://thehackernews.com/2023/12/alert-threat-actors-can-leverage-aws.html

 

Regards

 

Caute_Cautim

1 Reply
Early_Adopter
Community Champion

Well, we do have service providers and identity providers separated for some reason in all the pretty architecture pictures… 😛

Though in fairness to Amazon this looks like you have to audit account use, have proper procedures and watch for the little credential squirrels wheresoever they may be.