Mitiga researchers have documented a new post-exploitation technique attackers can use to gain persistent remote access to AWS Elastic Compute Cloud (EC2) instances (virtual servers), as well as to non-EC2 machines (e.g., on-premises enterprise servers and virtual machines, and VMs in other cloud environments). The success of this “living off the land” technique hinges on: Attackers gaining initial access to the machine (e.g., by exploiting an unpatched vulnerability on a public-facing instance/server), and The presence … More
The post Attackers can turn AWS SSM agents into remote access trojans appeared first on Help Net Security.
This article has been indexed from Help Net Security
Read the original article: