Short-term AWS access tokens allow attackers to linger for a longer while

Attackers usually gain access to an organization’s cloud assets by leveraging compromised user access tokens obtained via phishing, by using malware, or by finding them in public code repositories. These are long-term access tokens associated with an AWS IAM or federated users (i.e, users who have authenticated via a third-party identity platform). They grant users – whether legitimate or malicious ones – specific roles and privileges. If the permission level is high enough, this compromised … More

The post Short-term AWS access tokens allow attackers to linger for a longer while appeared first on Help Net Security.

This article has been indexed from Help Net Security

Read the original article: