Suspicious activity

AWS Guard Duty: S3 Bucket with API calls against a public S3 Bucket with sensitive personally identifiable information (PII) from a suspicious source


S3 API calls from suspicious source address were detected by AWS GuardDuty service on the public S3 Bucket {AwsS3Bucket}. AWS GuardDuty is a threat detection service that continuously monitors your AWS accounts and workloads for malicious activity. The service detects one of the following types of S3 discovery findings (Discovery:S3/MaliciousIPCaller, Recon:EC2/PortProbeUnprotectedPort, Discovery:S3/MaliciousIPCaller.Custom, Discovery:S3/TorIPCaller) on a public S3 Bucket that Orca has identified with Potentially Personal Identifying Information.