by giggzy2
2512 days ago
The S3 bucket was not public. The hacker got ephemeral keys by remotely exploiting the WAF. The WAF had no reason to have privileges to read from S3; that was a mistake. I’m unclear if the data in the bucket was encrypted at rest, but I guess if you get keys to read, it’s a moot point.