IAM privilege escalation

Tags

CloudAuthentication

ATT&CK Tactic

Privilege Escalation (TA0004)

ATT&CK Technique

Incidents

Cryptomining Campaign Exploiting Exposed Ray AI Infrastructure Exploitation of S1ngularity-exposed cloud keys for lateral movement

Last edited

Sep 22, 2024 10:12 AM

Status

Stub

Defenses

User Account Control IAM Policies

In AWS, unique combinations of privileges assigned to a principal can allow an attacker that has compromised the principal to escalate their privileges through a series of API calls.