Security News > 2023 > December > Alert: Threat Actors Can Leverage AWS STS to Infiltrate Cloud Accounts
2023-12-06 13:38
Threat actors can take advantage of Amazon Web Services Security Token Service (AWS STS) as a way to infiltrate cloud accounts and conduct follow-on attacks. The service enables threat actors to impersonate user identities and roles in cloud environments, Red Canary researchers Thomas Gardner and Cody Betsworth said in a Tuesday analysis. AWS STS is a web service that enables
News URL
https://thehackernews.com/2023/12/alert-threat-actors-can-leverage-aws.html
Related news
- Microsoft Identifies Storm-0501 as Major Threat in Hybrid Cloud Ransomware Attacks (source)
- Cloud threats have execs the most freaked out because they're not prepared (source)
- Evolving cloud threats: Insights and recommendations (source)
- AWS Cloud Development Kit Vulnerability Exposes Users to Potential Account Takeover Risks (source)
- AWS Cloud Development Kit flaw exposed accounts to full takeover (source)
- AWS security essentials for managing compliance, data protection, and threat detection (source)