Suspicious activity

Aws Role suspicious behavior: created new public s3 buckets

Risk Level

Hazardous (3)

Platform(s)

Description

It was found that a role created new public buckets. This is an anomaly in this role's behavior and might indicate on a exfiltration attempt. An attacker might create a public bucket to share confidential information outside the environment.
  • Recommended Mitigation

    It is recommended to check the content of the public buckets and verify they were created for a legitimate purpose.