Update Role API call that removed permissions from a role was made from TOR IP address
Suspicious activity
Update Role API call that removed permissions from a role was made from TOR IP address
Risk Level
Imminent Compromised (2)
Platform(s)
Description
Orca detected that an API call to update a role was made from a Tor IP address - {MaliciousIp.MaliciousIp}.
Recommended Mitigation
It is recommended to review the permissions which were used to make this api call. In addition, review the actions of the affected user and remove the policy if it is possible.