Check Point sponsored this post. They use this to move laterally within a cloud environment and access sensitive assets.
In this attack, the attacker was able to log into the console using a low privilege user’s credentials.
Given that the stolen permissions of this user are not excessive, the attacker will attempt to escalate to a higher permission that has access to sensitive assets.
This post was sponsored by Check Point.Amazon Web Services is a sponsor of The New Stack.