Tags
ATT&CK Tactic
Persistence (TA0003)Credential Access (TA0006)
Incidents
From refresh token theft to global admin
References
https://securitylabs.datadoghq.com/articles/following-attackers-trail-in-aws-methodology-findings-in-the-wild/
Last edited
May 19, 2024 10:07 AM
Status
Stub
Defenses
Cloud Log monitoring