Suspicious activity

List S3 object API call was made from malicious IP address

Platform(s)

Description

Orca detected that a ListObjects operation attempt. The operation was called from a malicious IP address - {MaliciousIp.MaliciousIp}, which might indicate of an asset reconnaissance attempt. An attacker with permissions to list objects, can gain information about entities.