Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Caute_cautim
Community Champion
‎12-07-2023 02:54 PM
‎12-07-2023 02:54 PM

Threat Actors Can Leverage AWS STS to Infiltrate Cloud Accounts

Hi All

 

It appears that AWS Security Token Service (STS) has issues, so read this explanation and take action:

 

https://thehackernews.com/2023/12/alert-threat-actors-can-leverage-aws.html

 

Regards

 

Caute_Cautim

Reply
1 Reply
Early_Adopter
Community Champion
‎12-08-2023 04:20 AM
‎12-08-2023 04:20 AM

Well, we do have service providers and identity providers separated for some reason in all the pretty architecture pictures… 😛

Though in fairness to Amazon this looks like you have to audit account use, have proper procedures and watch for the little credential squirrels wheresoever they may be.
Reply
0 Kudos