Suspicious activity

RDS instance with CredentialAccess:RDS/MaliciousIPCaller.SuccessfulLogin GuardDuty Alert Found

Risk Level

Hazardous (3)

Platform(s)

Description

A user successfully logged into an RDS database in your account from a known malicious IP address.
  • Recommended Mitigation

    Revoke the compromised credentials and update security group rules to allow traffic only from the necessary sources.