by stephbu 1633 days ago
Just as likely as basic credential compromise are lateral attacks on compute resources from vulnerabilities such as Log4J.

Enabling MFA, restricting intra/inter-VPC access, removing hard-coded credentials from configuration files/source etc., switching to SSO/removing user accounts with passwords, creating and applying restricted IAM roles, and applying those reduced privileges to EC2/ECS/EKS instances are all things that should be done as soon as possible. (Non-exhaustive, but illustrative list.)