stratus-red-team
stratus-red-team copied to clipboard
DataDog
New attack technique: SendSerialConsoleSSHPublicKey
see also #467
https://unit42.paloaltonetworks.com/cloud-lateral-movement-techniques/
- https://permiso.io/blog/lucr-3-scattered-spider-getting-saas-y-in-the-cloud
Also mentioned in the following writeup for the "ec2-instance-connect:SendSerialConsoleSSHPublicKey" permission:
- Login via Serial Ports: AWS: https://unit42.paloaltonetworks.com/cloud-virtual-machine-attack-vectors/
