TagsCloudATT&CK TacticPersistence (TA0003)IncidentsRBAC BusterSIM-Swap to Data Leak on Dark WebDangerDev SES abuse incidentS3 data exfiltrationLeaked long-lived AWS credsScarletEel campaign (Feb ‘23)ScarletEel campaign (July ‘23)S3 RansomOp following long-term key exposureScattered Spider SaaS targeting (2023)Referenceshttps://securitylabs.datadoghq.com/articles/following-attackers-trail-in-aws-methodology-findings-in-the-wild/Last editedMay 19, 2024 10:07 AMStatusStubDefensesCloud Log monitoring