all InfoSec news
How to Detect SCARLETEEL with Sysdig Secure
Malware Analysis, News and Indicators - Latest topics malware.news
The recent SCARLETEEL incident highlights the importance of detecting security threats early in the development cycle. With Terraform state files, attackers can easily access sensitive information and gain unauthorized access to your cloud infrastructure.
In this case, the attackers exploited a containerized workload and used it to perform privilege escalation into an AWS account, stealing software and credentials. They also attempted to expand their reach by using a Terraform state file to access other connected AWS accounts within the organization. …
access account accounts attackers aws blog blog post case cloud cloud infrastructure credentials detect development escalation exploited files incident information infrastructure organization privilege privilege escalation scarleteel security security threats sensitive information software state stealing sysdig sysdig secure terraform threats unauthorized access workload