Researchers from Palo Alto Networks’ Unit 42 uncovered a large-scale cyber attack targeting cloud environments by exploiting secrets in .env files. The attack involved five phases: Initial Access, Account Discovery, Privilege Escalation, Malicious Execution, and Data Exfiltration. The attackers gained access to AWS
Table of contents
3.1. Structure of an AWS IAM Role — Trust and Permission Policies
3.2. Escalating Privileges using CreateRole and AttachRolePolicy