Suspicious activity

Update Role API call that removed permissions from a role was made from TOR IP address

Risk Level

Imminent Compromised (2)



Orca detected that an API call to update a role was made from a Tor IP address - {MaliciousIp.MaliciousIp}.
  • Recommended Mitigation

    It is recommended to review the permissions which were used to make this api call. In addition, review the actions of the affected user and remove the policy if it is possible.