Threat actors can take advantage of Amazon Web Services Security Token Service (AWS STS) as a way to infiltrate cloud accounts and conduct follow-on attacks.
The service enables threat actors to impersonate user identities and roles in cloud environments, Red Canary researchers Thomas Gardner and Cody Betsworth said in a Tuesday analysis.
AWS STS is a web service that enables
In today's digital landscape, aroundΒ 60%Β of corporate data now resides in the cloud, with Amazon S3 standing as the backbone of data storage for many major corporations.Β
Despite S3 being a secure service from a reputable provider, its pivotal role in handling vast amounts of sensitive data (customer personal information, financial data, intellectual property, etc.), provides a juicy target for
Login
FreshRSS