Aws Role suspicious behavior: created new public s3 buckets
Suspicious activity
Aws Role suspicious behavior: created new public s3 buckets
Risk Level
Hazardous (3)
Platform(s)
Description
It was found that a role created new public buckets. This is an anomaly in this role's behavior and might indicate on a exfiltration attempt. An attacker might create a public bucket to share confidential information outside the environment.
Recommended Mitigation
It is recommended to check the content of the public buckets and verify they were created for a legitimate purpose.