“Unmasking the Threat: How AWS STS Exploitation Leads to Cloud Account Infiltration”
Main points: Threat actors can exploit Amazon Web Services Security Token Service (AWS STS) to infiltrate cloud accounts and conduct auxiliary attacks. Red Canary researchers highlight the capabilities of these threat actors in impersonating user identities and roles in cloud environments. AWS STS is a web service that grants applications or users temporary access-based security
Read More